| on: |
| workflow_dispatch: |
| push: |
| tags: |
| - "*.*.*" |
| |
| name: release |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| build: |
| name: Build distributions for PyPI |
| runs-on: ubuntu-latest |
| |
| steps: |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 |
| |
| - name: Set up Python |
| uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 |
| |
| - name: Install build dependencies |
| run: python -m pip install build |
| |
| - name: Build distributions |
| run: python -m build |
| |
| - name: Upload distributions |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 |
| with: |
| name: certifi-dists |
| path: dist/ |
| |
| pypi: |
| name: Publish to PyPI |
| runs-on: ubuntu-latest |
| environment: release |
| |
| needs: |
| - build |
| |
| permissions: |
| # Used to authenticate to PyPI via OIDC. |
| id-token: write |
| |
| steps: |
| - name: fetch dists |
| uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 |
| with: |
| name: certifi-dists |
| path: dist/ |
| |
| - name: publish |
| if: github.event_name == 'push' |
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 |
| with: |
| attestations: true |
