Skip to content

Commit 843b6dc

Browse files
authored
Merge pull request #55 from IntentProof/fix-pypi-inline-publish
Inline PyPI publish for trusted publishing compatibility
2 parents c38ec85 + cda4a98 commit 843b6dc

1 file changed

Lines changed: 23 additions & 11 deletions

File tree

.github/workflows/release-pypi.yml

Lines changed: 23 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -142,21 +142,33 @@ jobs:
142142
name: "IntentProof Release: Publish Python Package"
143143
needs: build
144144
if: github.event_name != 'workflow_dispatch' || inputs.publish_to_pypi
145+
runs-on: ubuntu-latest
145146
permissions:
146147
attestations: write
147-
contents: write
148+
contents: read
148149
id-token: write
149150
packages: write
150-
uses: IntentProof/intentproof-tools/.github/workflows/release-build-sign.yml@e982df238d9f111bc1f59b7473988c0d538dabb6
151-
with:
152-
artifact_kind: pypi
153-
subject_name: intentproof
154-
release_version: ${{ needs.build.outputs.release_version }}
155-
release_ref: ${{ needs.build.outputs.release_ref }}
156-
pypi_dist_dir: dist
157-
pypi_package_path: .
158-
artifact_download_name: python-release-package
159-
attest_to_rekor: ${{ github.event_name != 'workflow_dispatch' }}
151+
steps:
152+
- uses: actions/download-artifact@v4
153+
with:
154+
name: python-release-package
155+
path: dist
156+
157+
- uses: actions/setup-python@v5
158+
with:
159+
python-version: '3.12'
160+
161+
- name: Validate Python distributions
162+
run: |
163+
set -euo pipefail
164+
python -m pip install --upgrade twine
165+
test -d dist
166+
twine check dist/*
167+
168+
- uses: pypa/gh-action-pypi-publish@release/v1
169+
with:
170+
packages-dir: dist
171+
attestations: true
160172

161173
sign:
162174
name: "IntentProof Release: Sign Python Distributions"

0 commit comments

Comments
 (0)