Merge pull request #304 from AikidoSec/fix-poetry-safer-publishing

Fix: poetry now has stricter publishing requirements, move to recommended publishing strategy
AikidoSec · Jan 23, 2025 · 6ef47e2 · 6ef47e2
2 parents b89f197 + ee41390
commit 6ef47e2
Showing 1 changed file with 4 additions and 8 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -3,7 +3,8 @@ name: Publish Python 🐍 distribution 📦 to PyPI
 on:
   release:
     types: [created]
-
+permissions:
+  id-token: write
 jobs:
   tests:
     name: Linting and running tests
@@ -54,13 +55,8 @@ jobs:
         make replace_version version=${TAG_NAME#v}
     - name: Download binaries & build
       run: make build
-    - name: Publish to PyPI
-      env:
-        POETRY_HTTP_BASIC_PYPI_USERNAME: __token__
-        POETRY_HTTP_BASIC_PYPI_PASSWORD: ${{ secrets.PYPI_TOKEN }}
-      run: |
-        poetry config pypi-token.pypi ${{ secrets.PYPI_TOKEN }}
-        poetry publish --build
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
     - name: Store the distribution packages
       uses: actions/upload-artifact@v3
       with: