change to pypi authentication #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish Release to (Test)PyPI | |
on: push | |
jobs: | |
build: | |
name: Build fabricator distribution | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: "3.x" | |
- name: Install pypa/build | |
run: >- | |
python3 -m | |
pip install | |
build | |
--user | |
- name: Build binary wheel and source tarball | |
run: python3 -m build | |
- name: Store distribution packages | |
uses: actions/upload-artifact@v3 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
publish-to-pypi: | |
name: >- | |
Publish fabricator Release to PyPI | |
if: startsWith(github.ref, 'refs/tags/') | |
needs: | |
- build | |
runs-on: ubuntu-latest | |
environment: | |
name: pypi | |
url: https://pypi.org/p/fabricator-ai | |
steps: | |
- name: Download all the dists | |
uses: actions/download-artifact@v3 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
- name: Publish distribution 📦 to PyPI | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
user: __token__ | |
password: ${{ secrets.TESTPYPI_TOKEN }} | |
github-release: | |
name: >- | |
Sign fabricator distribution with Sigstore | |
and upload them to GitHub Release | |
needs: | |
- publish-to-pypi | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
id-token: write | |
steps: | |
- name: Download all the dists | |
uses: actions/download-artifact@v3 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
- name: Sign the dists with Sigstore | |
uses: sigstore/[email protected] | |
with: | |
inputs: >- | |
./dist/*.tar.gz | |
./dist/*.whl | |
- name: Create GitHub Release | |
run: >- | |
gh release create | |
'${{ github.ref_name }}' | |
--notes "" | |
- name: Upload artifact signatures to GitHub Release | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
# Upload to GitHub Release using the `gh` CLI. | |
# `dist/` contains the built packages, and the | |
# sigstore-produced signatures and certificates. | |
run: >- | |
gh release upload | |
'${{ github.ref_name }}' dist/** | |
--repo '${{ github.repository }}' | |
publish-to-testpypi: | |
name: Publish fabricator distribution to TestPyPI | |
needs: | |
- build | |
runs-on: ubuntu-latest | |
environment: | |
name: testpypi | |
url: https://test.pypi.org/p/fabricator-ai | |
steps: | |
- name: Download all the dists | |
uses: actions/download-artifact@v3 | |
with: | |
name: python-package-distributions | |
path: dist/ | |
- name: Publish distribution 📦 to TestPyPI | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
user: __token__ | |
password: ${{ secrets.TESTPYPI_TOKEN }} |