diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9c4956d..8806c75 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,9 +1,8 @@ name: Publish to PyPI on: - push: - branches: - - main + release: + types: [created] jobs: build: @@ -21,14 +20,13 @@ jobs: - name: Build a binary wheel and a source tarball run: python3 -m build - name: Store the distribution packages - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: python-package-distributions path: dist/ publish: name: Publish to PyPI - if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes needs: - build runs-on: macos-latest @@ -36,7 +34,7 @@ jobs: name: release url: https://pypi.org/p/jaffle-shop-generator permissions: - id-token: write # IMPORTANT: mandatory for trusted publishing + id-token: write steps: - name: Download all the dists @@ -46,35 +44,3 @@ jobs: path: dist/ - name: Publish dist to PyPI uses: pypa/gh-action-pypi-publish@release/v1 - - github-release: - name: Publish GitHub Release - needs: - - publish-to-pypi - runs-on: macos-latest - permissions: - contents: write # IMPORTANT: mandatory for making GitHub Releases - id-token: write # IMPORTANT: mandatory for sigstore - - steps: - - name: Download all the dists - uses: actions/download-artifact@v4 - with: - name: python-package-distributions - path: dist/ - - name: Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@v2 - with: - inputs: | - ./dist/*.tar.gz - ./dist/*.whl - - name: Create GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - run: | - gh release create '${{ github.ref_name }}' --repo '${{ github.repository }}' --notes "" - - name: Upload artifact signatures to GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - run: | - gh release upload '${{ github.ref_name }}' dist/** --repo '${{ github.repository }}'