diff --git a/.github/workflows/poetry-pypi-release.yml b/.github/workflows/poetry-pypi-release.yml index 76eb6e4..b247d83 100644 --- a/.github/workflows/poetry-pypi-release.yml +++ b/.github/workflows/poetry-pypi-release.yml @@ -1,16 +1,39 @@ -name: Release Package on PyPi +name: Publish on: push: tags: - 'v*.*.*' jobs: - poetry-publish: + build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + + - uses: actions/setup-python@v3 with: - fetch-depth: 1 - - name: release to PyPI - uses: moj-analytical-services/actions-poetry-pypi-release@v1 + python-version: 3.11 + + - run: | + pip install poetry + poetry build + + - uses: actions/upload-artifact@v3 with: - pypi-api-token: ${{ secrets.PYPI_API_TOKEN }} + path: ./dist + + pypi-publish: + needs: ['build'] + environment: 'release' + + name: upload release to PyPI + runs-on: ubuntu-latest + permissions: + # IMPORTANT: this permission is mandatory for trusted publishing + id-token: write + steps: + - uses: actions/download-artifact@v3 + + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + packages_dir: artifact/ diff --git a/CHANGELOG.md b/CHANGELOG.md index a91bb83..ad33e77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## v4.2.2 + +- updated pypi action for trusted publisher + ## v4.2.1 - implemented backwards compatibility for secrets diff --git a/pyproject.toml b/pyproject.toml index 55e101e..ab3d1b3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "iam_builder" -version = "4.2.1" +version = "4.2.2" description = "A lil python package to generate iam policies" authors = ["Karik Isichei "] license = "MIT"