From 4007174a34b932f6c1216d5d6b7401382f534892 Mon Sep 17 00:00:00 2001 From: Graeme Holliday Date: Tue, 24 Sep 2024 13:17:24 -0500 Subject: [PATCH] update workflow --- .github/workflows/python-publish.yml | 74 ++++++---------------------- 1 file changed, 15 insertions(+), 59 deletions(-) diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index a459316..febb627 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -27,16 +27,16 @@ jobs: name: python-package-distributions path: dist/ - publish-to-pypi: - name: >- - Publish Python 🐍 distribution 📦 to PyPI - if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes + publish-to-testpypi: + name: Publish Python 🐍 distribution 📦 to TestPyPI needs: - build runs-on: ubuntu-latest + environment: - name: pypi - url: https://pypi.org/p/tastytrade + name: testpypi + url: https://test.pypi.org/p/tastytrade + permissions: id-token: write # IMPORTANT: mandatory for trusted publishing @@ -46,62 +46,20 @@ jobs: with: name: python-package-distributions path: dist/ - - name: Publish distribution 📦 to PyPI + - name: Publish distribution 📦 to TestPyPI uses: pypa/gh-action-pypi-publish@release/v1 - - github-release: - name: >- - Sign the Python 🐍 distribution 📦 with Sigstore - and upload them to GitHub Release - needs: - - publish-to-pypi - runs-on: ubuntu-latest - - permissions: - contents: write # IMPORTANT: mandatory for making GitHub Releases - id-token: write # IMPORTANT: mandatory for sigstore - - steps: - - name: Download all the dists - uses: actions/download-artifact@v4 with: - name: python-package-distributions - path: dist/ - - name: Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@v2.1.1 - with: - inputs: >- - ./dist/*.tar.gz - ./dist/*.whl - - name: Create GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - run: >- - gh release create - '${{ github.ref_name }}' - --repo '${{ github.repository }}' - --notes "" - - name: Upload artifact signatures to GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - # Upload to GitHub Release using the `gh` CLI. - # `dist/` contains the built packages, and the - # sigstore-produced signatures and certificates. - run: >- - gh release upload - '${{ github.ref_name }}' dist/** - --repo '${{ github.repository }}' + repository-url: https://test.pypi.org/legacy/ - publish-to-testpypi: - name: Publish Python 🐍 distribution 📦 to TestPyPI + publish-to-pypi: + name: >- + Publish Python 🐍 distribution 📦 to PyPI needs: - - build + - publish-to-testpypi runs-on: ubuntu-latest - environment: - name: testpypi - url: https://test.pypi.org/p/tastytrade - + name: pypi + url: https://pypi.org/p/tastytrade permissions: id-token: write # IMPORTANT: mandatory for trusted publishing @@ -111,7 +69,5 @@ jobs: with: name: python-package-distributions path: dist/ - - name: Publish distribution 📦 to TestPyPI + - name: Publish distribution 📦 to PyPI uses: pypa/gh-action-pypi-publish@release/v1 - with: - repository-url: https://test.pypi.org/legacy/