From b149d6097443623fdd38516715c55c6256b9c93b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Thu, 25 Jan 2024 14:46:13 +0100 Subject: [PATCH] Change: Use trusted publisher upload for PyPI --- .github/workflows/deploy-pypi.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy-pypi.yml b/.github/workflows/deploy-pypi.yml index 5bf49858..f1df0d21 100644 --- a/.github/workflows/deploy-pypi.yml +++ b/.github/workflows/deploy-pypi.yml @@ -6,9 +6,12 @@ on: jobs: deploy: + permissions: + id-token: write runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/project/ospd-openvas/ steps: - name: Build and publish to PyPI uses: greenbone/actions/pypi-upload@v3 - with: - pypi-token: ${{ secrets.PYPI_TOKEN }}