Publish Tansu Python #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Tansu Python | |
| on: | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| publish: | |
| name: Publish Python distribution to PyPI | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| attestations: write | |
| environment: | |
| name: publish-python | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Python 3.12 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12' | |
| architecture: 'x64' | |
| - name: Install hatch | |
| run: pip install hatch | |
| - name: Build | |
| run: hatch build | |
| - name: Generate artifact attestation for sdist and wheels | |
| uses: actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0 | |
| with: | |
| subject-path: "dist/tansu*" | |
| - name: Verify artifact attestation | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| shell: bash | |
| run: | | |
| for artifact in dist/*; do | |
| echo "# ${artifact}" | |
| gh attestation verify "${artifact}" --repo ${{ github.repository }} | |
| done | |
| - name: Publish distribution to PyPI | |
| uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 | |
| with: | |
| print-hash: true |