@@ -68,45 +68,36 @@ jobs:
6868 run : |
6969 python -m sphinx -b doctest docs build
7070
71- name : Build artifacts
72- run : |
73- python setup.py sdist bdist_wheel
74-
75- name : Upload artifact
76- uses : actions/upload-artifact@v4
77- with :
78- name : ${{ runner.os }}-py${{ matrix.python-version }}-artifact
79- path : dist/*
80- retention-days : 7
8171
8272release :
73+ if : startsWith(github.ref, 'refs/tags/v')
8374 needs : [build]
8475 runs-on : ubuntu-latest
76+ permissions :
77+ id-token : write # IMPORTANT: this permission is mandatory for trusted publishing
8578 steps :
86- - uses : actions/checkout@v2
79+ - uses : actions/checkout@v4
8780
88- - uses : actions/download-artifact@v4.1.7
81+ - name : Set up Python
82+ uses : actions/setup-python@v5
8983 with :
90- path : artifacts/
84+ python-version : " 3.10"
85+
86+ - name : Install dependencies
87+ run : |
88+ pip install -r requirements.txt
89+ pip install -r dev-requirements.txt
9190
9291name : Create release description
9392 run : |
9493 python release-description.py CHANGELOG.rst > description.md
9594 cat description.md
9695
97- name : Move artifacts
96+ name : Create source distribution
9897 run : |
99- ls --recursive artifacts/
100-
101- mkdir dist
102- mv --backup=numbered artifacts/*/** dist
103- rm -f dist/*~
104-
105- echo "To be uploaded:"
106- ls dist
98+ python setup.py sdist
10799
108100name : Create release
109- if : startsWith(github.ref, 'refs/tags/v')
110101 uses : softprops/action-gh-release@v1
111102 env :
112103 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
@@ -115,9 +106,8 @@ jobs:
115106 files : |
116107 dist/*
117108
109+ # Github Actions have been set as a trusted publisher on PyPI's npstreams project,
110+ # hence why no username, password, or token is required.
118111 - name : Upload to PyPI
119- if : startsWith(github.ref, 'refs/tags/v' )
112+ if : always( )
120113 uses : pypa/gh-action-pypi-publish@release/v1
121- with :
122- user : __token__
123- password : ${{ secrets.PYPI_API_TOKEN }}
0 commit comments