From e445ca2bde48100b5cb370f216b4e8cc73b464f8 Mon Sep 17 00:00:00 2001
From: Henry Schreiner <HenrySchreinerIII@gmail.com>
Date: Fri, 13 Sep 2024 20:21:43 -0400
Subject: [PATCH] ci: PyPI attestations (#5374)
---
 .github/workflows/pip.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/pip.yml b/.github/workflows/pip.yml
index a2c4dba6bc..3713537379 100644
--- a/.github/workflows/pip.yml
+++ b/.github/workflows/pip.yml
@@ -91,11 +91,12 @@ jobs:
 runs-on: ubuntu-latest
 if: github.event_name == 'release' && github.event.action == 'published'
 needs: [packaging]
- environment: pypi
+ environment:
+ name: pypi
+ url: https://pypi.org/p/pybind11
 permissions:
 id-token: write
 attestations: write
- contents: read

 steps:
 # Downloads all to directories matching the artifact names
@@ -110,8 +111,10 @@ jobs:
 uses: pypa/gh-action-pypi-publish@release/v1
 with:
 packages-dir: standard/
+ attestations: true

 - name: Publish global package
 uses: pypa/gh-action-pypi-publish@release/v1
 with:
 packages-dir: global/
+ attestations: true
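Review bot: The `permissions` block of this publish job has no comment recording why each scope is granted, which matters now that `contents: read` is dropped while `attestations: write` stays. As far as I know, the PyPI publish action signs its attestations with the OIDC token, so `id-token: write` covers it. `attestations: write` would then be needed only if a step outside this hunk creates GitHub artifact attestations, so it is worth confirming it is still used. I would add `# id-token: OIDC for Trusted Publishing and attestation signing` above `id-token: write` and `# attestations: GitHub artifact attestation step (drop if unused)` above `attestations: write`. The job definition starts above the hunk and its steps continue below it.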
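Review bot: Both publish steps reference `pypa/gh-action-pypi-publish@release/v1`, a mutable branch ref, and with `attestations: true` that action now also produces the signed provenance for the release. Whatever the branch points to at release time therefore runs with the job's `id-token: write` and decides what gets attested. Consider pinning both `uses:` lines to a full commit SHA with the tag in a trailing comment, e.g. `uses: pypa/gh-action-pypi-publish@<full-commit-sha>  # release/v1`, and letting an update bot bump it. Attestations are, as far as I know, only generated under Trusted Publishing, so a one-line comment above `attestations: true` noting that no `password:` input should be added would help. The first step's `- name:` line is above the hunk.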