From a50b7e7209ffc27e158ef22c8aa1e18b7aba9b77 Mon Sep 17 00:00:00 2001 From: Tsuyoshi Hombashi Date: Sun, 7 Apr 2024 18:04:29 +0900 Subject: [PATCH] Update the publish workflow --- .github/workflows/publish.yml | 45 ++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0de1f6e..4b65086 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,36 +6,49 @@ on: - "v*.*.*" jobs: - build-and-publish: + build-package: runs-on: ubuntu-latest - environment: - name: pypi - url: https://pypi.org/p/cleanpy + container: + image: ghcr.io/thombashi/python-ci:3.11 steps: - uses: actions/checkout@v4 - - name: Setup Python - uses: actions/setup-python@v4 + - run: make build + + - uses: actions/upload-artifact@v4 with: - python-version: "3.11" - cache: pip - cache-dependency-path: | - setup.py - **/*requirements.txt - tox.ini + name: dist + path: ./dist/* - - run: make setup-ci + publish-package: + needs: build-package + runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/cleanpy + permissions: + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + contents: write - - run: make build + steps: + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist - name: Publish to PyPI uses: pypa/gh-action-pypi-publish@release/v1 + + - name: Sign the dists with Sigstore + uses: sigstore/gh-action-sigstore-python@v2.1.1 with: - user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl - name: Generate a GitHub release uses: softprops/action-gh-release@v2 with: generate_release_notes: true + files: dist/*