Skip to content

Attestations need permissions to attest #10

Attestations need permissions to attest

Attestations need permissions to attest #10

name: Publish Python 🐍 distributions πŸ“¦ to PyPI
on:
push:
branches:
- main
pull_request:
branches:
- main
release:
types:
- published
jobs:
build:
name: Build distribution πŸ“¦
runs-on: ubuntu-latest
permissions:
attestations: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Build and inspect Python 🐍 package πŸ“¦
uses: hynek/build-and-inspect-python-package@2dbbf2b252d3a3c7cec7a810e3ed5983bd17b13a # v2.8.0
with:
attest-build-provenance-github: ${{ github.event.action == 'published' }}
publish-to-pypi:
name: Publish Python 🐍 distribution πŸ“¦ to PyPI
needs: build
if: ${{ github.event.action == 'published' }}
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/project/crazylibs/${{ github.ref_name }}
permissions:
id-token: write
steps:
- name: Download dists
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: Packages
path: dist/
- name: Publish distribution πŸ“¦ to PyPI
uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0
with:
verbose: true
print-hash: true