diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index c2b1f14..a2586fa 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -9,6 +9,9 @@ on: - '*' pull_request: workflow_dispatch: + release: + types: + - published permissions: contents: read @@ -172,17 +175,24 @@ jobs: name: wheels-sdist path: dist - release: - name: Release + publish: + name: Publish Python distributions to PyPI runs-on: ubuntu-latest - if: "startsWith(github.ref, 'refs/tags/')" + if: github.event_name == 'release' && github.event.action == 'published' needs: [linux, musllinux, windows, macos, sdist] + environment: + name: pypi + url: https://pypi.org/p/rfc3161-client + permissions: + # Used to sign the release's artifacts with sigstore-python. + # Used to publish to PyPI with Trusted Publishing. + id-token: write steps: - uses: actions/download-artifact@v4 - - name: Publish to PyPI - uses: PyO3/maturin-action@v1 - env: - MATURIN_PYPI_TOKEN: ${{ secrets.PYPI_API_TOKEN }} with: - command: upload - args: --non-interactive --skip-existing wheels-*/* + path: dist/ + - name: Publish distributions + uses: pypa/gh-action-pypi-publish@release/v1 + with: + attestations: true + verbose: true