Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci: Use release environment to publish python distributions (probabl-…
…ai#945) The publication on PyPI is now more restricted than before: - only maintainers can publish to PyPI via tags, - the release request must be approved by a different maintainer. The `release` environment can't be reached by an opened PR, even with modifications on GHA. So that, only maintainers can publish to PyPI. --- ### Release sequence: 1. Creation of the tag (check for `rulesets` setting on GH) This step is restricted to maintainers. There is no constraint on the targeted branch. The status "ci-green" is required. 2. Deployment to the `release` environment (check for `environments` setting on GH) Only tags can trigger a deployment to the environment. For greater safety, one different maintainer must approve the workflow runs when they access this environment. 3. Publication to PyPI (check for `publication` setting on PyPI) Only events coming from `release` environment can trigger the PyPI publisher. Co-authored-by: Auguste Baum <[email protected]>
- Loading branch information