Configure Trusted Publishing explicitly

2024-11-23 23:34:18 +00:00 · 2023-11-19 04:42:20 +01:00 · 2023-11-19 04:42:20 +01:00 · a0ab0b3a76
commit a0ab0b3a76
parent 1eb6862b49
1 changed files with 14 additions and 1 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -19,10 +19,23 @@ jobs:
      - test
      - build

+  # Must be explicit due to how Trusted Publishing works on PyPI!
  pypi:
-    uses: Steffo99/.github/.github/workflows/release-poetry-pypi.yml@main
+    name: "Publish release on PyPI"
+    runs-on: ubuntu-latest
+
    permissions:
      id-token: write
+
    needs:
      - test
      - build
+    steps:
+      - name: "Download built packages from artifacts"
+        uses: actions/download-artifact@v3
+        with:
+          name: "Build"
+          path: dist/
+
+      - name: "Upload package"
+        uses: pypa/gh-action-pypi-publish@release/v1