Skip to content

Commit

Permalink
Change CI to use trusted publisher.
Browse files Browse the repository at this point in the history
  • Loading branch information
@chrisstaite
chrisstaite committed Jan 1, 2025
1 parent 385488f commit 346b936
Showing 1 changed file with 14 additions and 21 deletions.
35 changes: 14 additions & 21 deletions .github/workflows/cmake.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,17 +35,16 @@ jobs:
if: github.event_name == 'release' && github.event.action == 'created'
needs: [ build_linux2_24_64 ]
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: manylinux2_24_64

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

build_linux2_24_32:
Expand All @@ -72,17 +71,16 @@ jobs:
if: github.event_name == 'release' && github.event.action == 'created'
needs: [ build_linux2_24_32 ]
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: manylinux2_24_32

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

build_linux2_24_aarch64:
Expand Down Expand Up @@ -115,17 +113,16 @@ jobs:
if: github.event_name == 'release' && github.event.action == 'created'
needs: [ build_linux2_24_aarch64 ]
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: manylinux2_24_aarch64

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

build_linux2_28_64:
Expand All @@ -152,17 +149,16 @@ jobs:
if: github.event_name == 'release' && github.event.action == 'created'
needs: [ build_linux2_28_64 ]
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: manylinux2_28_64

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

build_linux2_28_aarch64:
Expand Down Expand Up @@ -195,17 +191,16 @@ jobs:
if: github.event_name == 'release' && github.event.action == 'created'
needs: [ build_linux2_28_aarch64 ]
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: manylinux2_28_aarch64

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

build_mac:
Expand Down Expand Up @@ -248,17 +243,16 @@ jobs:
matrix:
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13']
arch: ['arm64', 'x86_64']
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: mac_${{ matrix.arch }}_${{ matrix.python-version }}

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

build_windows:
Expand Down Expand Up @@ -308,15 +302,14 @@ jobs:
matrix:
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13']
python-arch: ['x86', 'x64']
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
id: download
with:
name: windows_${{ matrix.python-arch }}_${{ matrix.python-version }}

- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: ${{ steps.download.outputs.download-path }}

0 comments on commit 346b936

Please sign in to comment.