From 4a17f80e4501a282d911f9a5915c51ce3450e470 Mon Sep 17 00:00:00 2001
From: dgw <dgw@technobabbl.es>
Date: Sun, 9 Jun 2024 08:40:28 -0500
Subject: [PATCH] Add Trusted Publishing workflow for PyPI package

"Stolen" from sopel-irc/sopel-twitter (but not *really* stolen, since I
wrote that file).
---
 .github/workflows/trusted-publishing.yml | 29 ++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 .github/workflows/trusted-publishing.yml

diff --git a/.github/workflows/trusted-publishing.yml b/.github/workflows/trusted-publishing.yml
new file mode 100644
index 0000000..cbe644f
--- /dev/null
+++ b/.github/workflows/trusted-publishing.yml
@@ -0,0 +1,29 @@
+name: Upload Python Package
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: read
+
+jobs:
+  upload:
+    runs-on: ubuntu-latest
+    environment: release
+    permissions:
+      id-token: write
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.10'
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install build
+    - name: Build package
+      run: python -m build
+    - name: Publish package
+      uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450