@@ -758,61 +758,65 @@ jobs:
758
758
}}
759
759
jobs : ${{ toJSON(needs) }}
760
760
761
- publish :
762
- name : Publish 🐍📦 to (Test) PyPI
761
+ publish-pypi :
762
+ name : Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to PyPI
763
763
needs :
764
764
- check
765
765
- pre-setup # transitive, for accessing settings
766
766
if : >-
767
- fromJSON(needs.pre-setup.outputs.is-untagged-devel) ||
768
767
fromJSON(needs.pre-setup.outputs.release-requested)
769
- runs-on : ${{ matrix.os }}
770
- strategy :
771
- # NOTE: Even though it's one job, it's easier to keep the params in one
772
- # NOTE: place using a matrix:
773
- matrix :
774
- os :
775
- - ubuntu-latest
768
+ runs-on : ubuntu-latest
776
769
777
- steps :
778
- - name : Check out src from Git
779
- if : fromJSON(needs.pre-setup.outputs.release-requested)
780
- uses : actions/checkout@v3
781
- with :
782
- fetch-depth : 0
783
- - name : Setup git user as [bot]
784
- if : fromJSON(needs.pre-setup.outputs.release-requested)
785
- uses : fregante/setup-git-user@v1.1.0
770
+ permissions :
771
+ id-token : write # PyPI Trusted Publishing (OIDC)
786
772
787
- - name : >-
788
- Tag the release in the local Git repo
789
- as ${{ needs.pre-setup.outputs.git-tag }}
790
- if: fromJSON(needs.pre-setup.outputs.release-requested)
791
- run: >-
792
- git tag '${{ needs.pre-setup.outputs.git-tag }}'
793
- ${{ github.event.inputs.release-committish }}
773
+ environment :
774
+ name : pypi
775
+ url : >-
776
+ https://pypi.org/project/ansible-pygments/${{
777
+ needs.pre-setup.outputs.dist-version
778
+ }}
779
+
780
+ steps :
794
781
- name : Download all the dists
795
782
uses : actions/download-artifact@v3
796
783
with :
797
784
name : python-package-distributions
798
785
path : dist/
799
- - name : Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }}to TestPyPI
800
- if : >-
801
- fromJSON(needs.pre-setup.outputs.is-untagged-devel) ||
802
- fromJSON(needs.pre-setup.outputs.release-requested)
786
+ - name : >-
787
+ Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to PyPI
803
788
uses: pypa/gh-action-pypi-publish@release/v1
789
+
790
+ publish-testpypi :
791
+ name : Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to TestPyPI
792
+ needs :
793
+ - check
794
+ - pre-setup # transitive, for accessing settings
795
+ if : >-
796
+ fromJSON(needs.pre-setup.outputs.is-untagged-devel)
797
+ || fromJSON(needs.pre-setup.outputs.release-requested)
798
+ runs-on : ubuntu-latest
799
+
800
+ permissions :
801
+ id-token : write # PyPI Trusted Publishing (OIDC)
802
+
803
+ environment :
804
+ name : testpypi
805
+ url : >-
806
+ https://test.pypi.org/project/ansible-pygments/${{
807
+ needs.pre-setup.outputs.dist-version
808
+ }}
809
+
810
+ steps :
811
+ - name : Download all the dists
812
+ uses : actions/download-artifact@v3
804
813
with :
805
- password : ${{ secrets.TESTPYPI_API_TOKEN }}
806
- repository_url : https://test.pypi.org/legacy /
807
- - name : Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to PyPI
808
- if : fromJSON( needs.pre-setup.outputs.release-requested)
814
+ name : python-package-distributions
815
+ path : dist /
816
+ - name : >-
817
+ Publish 🐍📦 ${{ needs.pre-setup.outputs.git-tag }} to TestPyPI
809
818
uses: pypa/gh-action-pypi-publish@release/v1
810
819
with:
811
- password : ${{ secrets.PYPI_API_TOKEN }}
812
- - name : >-
813
- Push ${{ needs.pre-setup.outputs.git-tag }} tag corresponding
814
- to the just published release back to GitHub
815
- if: fromJSON(needs.pre-setup.outputs.release-requested)
816
- run: >-
817
- git push --atomic origin '${{ needs.pre-setup.outputs.git-tag }}'
820
+ repository-url: https://test.pypi.org/legacy/
821
+
818
822
...
0 commit comments