Skip to content

Commit

Permalink
🎨 Show GH environments use in README examples
Browse files Browse the repository at this point in the history
It is a useful protection feature giving the end-users more control
over the release flow and trust.
webknjaz committed Apr 24, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent 3b6670b commit 7a1a355
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -86,6 +86,9 @@ jobs:
pypi-publish:
name: Upload release to PyPI
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/<your-pypi-project-name>
permissions:
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
steps:
@@ -103,6 +106,7 @@ Other indices that support trusted publishing can also be used, like TestPyPI:
with:
repository-url: https://test.pypi.org/legacy/
```
_(don't forget to update the environment name to `testpypi` or similar!)_

> **Pro tip**: only set the `id-token: write` permission in the job that does
> publishing, not globally. Also, try to separate building from publishing

0 comments on commit 7a1a355

Please sign in to comment.