pypi release workflow #15

Workflow file for this run

.github/workflows/publish-release.yml at 152927b

	name: publish-release

	on:
	push:
	branches:
	- main

	jobs:
	build:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	python-version: [ "3.8", "3.9", "3.10", "3.11", "3.12" ]

	steps:
	- uses: actions/checkout@v4
	- name: Set up Python ${{ matrix.python-version }}
	uses: actions/setup-python@v4
	with:
	python-version: ${{ matrix.python-version }}
	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install -r requirements.txt
	pip install -r test-requirements.txt
	- name: Test with pytest
	run: \|
	pytest --cov=hostinger-api

	pypi:
	needs: [build]
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@v3

	- uses: actions/setup-python@v4
	with:
	python-version: "3.x"

	- name: deps
	run: python -m pip install -U build

	- name: build
	run: python -m build

	- name: mint API token
	id: mint-token
	run: \|
	# retrieve the ambient OIDC token
	resp=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
	"$ACTIONS_ID_TOKEN_REQUEST_URL&audience=pypi")
	oidc_token=$(jq -r '.value' <<< "${resp}")

	# exchange the OIDC token for an API token
	resp=$(curl -X POST https://pypi.org/_/oidc/mint-token -d "{\"token\": \"${oidc_token}\"}")
	api_token=$(jq -r '.token' <<< "${resp}")

	# mask the newly minted API token, so that we don't accidentally leak it
	echo "::add-mask::${api_token}"

	# see the next step in the workflow for an example of using this step output
	echo "api-token=${api_token}" >> "${GITHUB_OUTPUT}"

	- name: publish
	# gh-action-pypi-publish uses TWINE_PASSWORD automatically
	uses: pypa/gh-action-pypi-publish@release/v1
	with:
	password: ${{ steps.mint-token.outputs.api-token }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

pypi release workflow #15

Workflow file

pypi release workflow #15

Uh oh!

Workflow file for this run