Use PyPI Trusted Publishing to push releases

crdbrd · Nov 19, 2024 · c78ee83 · c78ee83
1 parent 7d93692
commit c78ee83
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -6,15 +6,18 @@ on:
 
 jobs:
   release:
-    environment: release
     runs-on: ubuntu-latest
-
+    environment:
+      name: pypi
+      url: https://pypi.org/project/brreg/
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: hynek/build-and-inspect-python-package@v2
+        id: build
+      - uses: actions/download-artifact@v4
         with:
-          python-version: "3.13"
-      - run: pip install nox==2024.10.9 poetry==1.8.3
-      - run: nox --python 3.13
-      - run: poetry build
-      - run: poetry publish --username=__token__ --password=${{ secrets.PYPI_TOKEN }}
+          name: ${{ steps.build.outputs.artifact-name }}
+          path: dist
+      - uses: pypa/gh-action-pypi-publish@release/v1