From b70bf83cf51b73f35033f22756e403c586b4f8ef Mon Sep 17 00:00:00 2001 From: Thomas-Hirsch <37899506+Thomas-Hirsch@users.noreply.github.com> Date: Mon, 13 Nov 2023 14:13:48 +0000 Subject: [PATCH 1/3] update pypi action --- .github/workflows/poetry-pypi-release.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/poetry-pypi-release.yml b/.github/workflows/poetry-pypi-release.yml index 76eb6e4..b9bc5de 100644 --- a/.github/workflows/poetry-pypi-release.yml +++ b/.github/workflows/poetry-pypi-release.yml @@ -6,11 +6,13 @@ on: jobs: poetry-publish: runs-on: ubuntu-latest + environment: release + permissions: + id-token: write steps: - uses: actions/checkout@v3 with: fetch-depth: 1 - name: release to PyPI uses: moj-analytical-services/actions-poetry-pypi-release@v1 - with: - pypi-api-token: ${{ secrets.PYPI_API_TOKEN }} + \ No newline at end of file From 5adbb95d9e59fa2a7f444e9549b0c81d5240a5fd Mon Sep 17 00:00:00 2001 From: Thomas-Hirsch <37899506+Thomas-Hirsch@users.noreply.github.com> Date: Tue, 21 Nov 2023 10:31:30 +0000 Subject: [PATCH 2/3] use new publishing action --- .github/workflows/poetry-pypi-release.yml | 37 ++++++++++++++++++----- 1 file changed, 29 insertions(+), 8 deletions(-) diff --git a/.github/workflows/poetry-pypi-release.yml b/.github/workflows/poetry-pypi-release.yml index b9bc5de..b247d83 100644 --- a/.github/workflows/poetry-pypi-release.yml +++ b/.github/workflows/poetry-pypi-release.yml @@ -1,18 +1,39 @@ -name: Release Package on PyPi +name: Publish on: push: tags: - 'v*.*.*' jobs: - poetry-publish: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - uses: actions/setup-python@v3 + with: + python-version: 3.11 + + - run: | + pip install poetry + poetry build + + - uses: actions/upload-artifact@v3 + with: + path: ./dist + + pypi-publish: + needs: ['build'] + environment: 'release' + + name: upload release to PyPI runs-on: ubuntu-latest - environment: release permissions: + # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: - - uses: actions/checkout@v3 + - uses: actions/download-artifact@v3 + + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 with: - fetch-depth: 1 - - name: release to PyPI - uses: moj-analytical-services/actions-poetry-pypi-release@v1 - \ No newline at end of file + packages_dir: artifact/ From 81aaae35b9d9d6619d85894d9ce6f944ebd56f9b Mon Sep 17 00:00:00 2001 From: Thomas-Hirsch <37899506+Thomas-Hirsch@users.noreply.github.com> Date: Tue, 21 Nov 2023 10:39:35 +0000 Subject: [PATCH 3/3] bump version and changelog --- CHANGELOG.md | 4 ++++ pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a91bb83..ad33e77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## v4.2.2 + +- updated pypi action for trusted publisher + ## v4.2.1 - implemented backwards compatibility for secrets diff --git a/pyproject.toml b/pyproject.toml index 55e101e..ab3d1b3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "iam_builder" -version = "4.2.1" +version = "4.2.2" description = "A lil python package to generate iam policies" authors = ["Karik Isichei "] license = "MIT"