Add attestations to allow publishing to Pypi

2024-11-24 05:15:47 +03:00 · 2024-11-01 11:21:28 +01:00 · 2024-11-01 11:21:28 +01:00 · ccf837eb9f
commit ccf837eb9f
parent 6095eadd30
1 changed files with 1 additions and 7 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -37,6 +37,7 @@ jobs:
    runs-on: ubuntu-latest

    permissions:
+      attestations: write
      id-token: write

    steps:
@ -69,10 +70,6 @@ jobs:
        if: github.ref == 'refs/heads/develop'
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
-          # user and password should be removed
-          # because Github action is a trusted publiser
-          # user: __token__
-          # password: ${{ secrets.TEST_PYPI_API_TOKEN }}
          repository-url: https://test.pypi.org/legacy/
          skip-existing: true

@ -80,9 +77,6 @@ jobs:
        if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
-          # user and password should be removed (if it is ok on test.pypi)
-          # user: __token__
-          # password: ${{ secrets.PYPI_API_TOKEN }}
          skip-existing: true

  create_Docker_builds: