v1.8.7 — Onboarding UX: demo + init + onboard + static page #29
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to PyPI | |
| # Se déclenche UNIQUEMENT sur une GitHub Release publiée | |
| on: | |
| release: | |
| types: [published] | |
| # Permission OIDC requise pour le Trusted Publisher (pas de token PyPI en secret) | |
| permissions: | |
| contents: read | |
| id-token: write # ← OBLIGATOIRE pour OIDC / Trusted Publisher | |
| jobs: | |
| build: | |
| name: Build distribution | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| cache: pip | |
| - name: Install build tools | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build twine | |
| - name: Bump version strings in docs | |
| run: python scripts/bump_version.py | |
| - name: Build wheel + sdist | |
| run: python -m build | |
| - name: Verify package with twine | |
| run: twine check dist/* | |
| - name: Upload dist as artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/ | |
| publish: | |
| name: Publish to PyPI (Trusted Publisher / OIDC) | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/project/piqrypt/ | |
| steps: | |
| - name: Download dist artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/ | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| password: ${{ secrets.PYPI_API_TOKEN }} |