diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 4d16bef..51aa419 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -18,7 +18,7 @@ jobs: with: python-version: 3.13 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 - build: + test: runs-on: ubuntu-latest strategy: matrix: @@ -37,23 +37,28 @@ jobs: uses: fedora-python/tox-github-action@807f27871410c7391018dc9a245c8cffdced15e9 # v41.0 with: tox_env: ${{ matrix.tox_env }} - - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 - with: - cache: pip - cache-dependency-path: | - requirements-dev.txt - setup.py - deploy: - name: Build deploy + build: runs-on: ubuntu-latest permissions: contents: read steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 - - uses: casperdcl/deploy-pypi@928e3123266d588b46c017228f9a9d4c13ad4c93 # v2.5.0 + - run: python -m pip install --upgrade build + - run: python -m build + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + name: dist + path: dist/ + publish: + runs-on: ubuntu-latest + needs: build + if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags') }} + permissions: + id-token: write + steps: + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: - password: ${{ secrets.PYPI_TOKEN }} - build: true - # only upload if a tag is pushed (otherwise just build & check) - upload: ${{ github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags') }} + name: dist + path: dist/ + - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0