Skip to content

Commit 821807d

Browse files
r-brownr-brown
committed
Revisit GitHub Actions
1 parent f65b2d1 commit 821807d

3 files changed

Lines changed: 2 additions & 23 deletions

File tree

.github/workflows/netlicensing-publish-pypi.yml

Lines changed: 1 addition & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,31 +1,18 @@
11
# Publishes the package to PyPI when a GitHub Release is *published*
2-
# (not on draft creation — only when you click "Publish release").
3-
#
4-
# Authentication: uses PyPI Trusted Publisher (OIDC) — no long-lived secrets
5-
# needed. Configure a Trusted Publisher for this repo on pypi.org first:
6-
# https://docs.pypi.org/trusted-publishers/adding-a-publisher/
7-
#
8-
# If you prefer an API token instead, remove the `environment` + `permissions`
9-
# blocks and uncomment:
10-
# password: ${{ secrets.PYPI_API_TOKEN }}
11-
# in the "Publish" step below.
122

133
name: Python Client - Publish to PyPI
144

155
on:
166
release:
177
types: [published]
188

19-
# Restrict the default GITHUB_TOKEN to read-only.
20-
# The publish job adds id-token: write for OIDC Trusted Publisher.
219
permissions:
2210
contents: read
2311

2412
jobs:
2513
test:
2614
name: "Test before publish"
2715
runs-on: ubuntu-latest
28-
# inherits workflow-level permissions: contents: read
2916

3017
steps:
3118
- uses: actions/checkout@v4
@@ -48,7 +35,7 @@ jobs:
4835

4936
environment: pypi
5037
permissions:
51-
id-token: write # required for OIDC Trusted Publisher
38+
id-token: write
5239

5340
steps:
5441
- uses: actions/checkout@v4
@@ -69,6 +56,3 @@ jobs:
6956

7057
- name: Publish to PyPI
7158
uses: pypa/gh-action-pypi-publish@release/v1
72-
# Uncomment the next line to use an API token instead of Trusted Publisher:
73-
# with:
74-
# password: ${{ secrets.PYPI_API_TOKEN }}

.github/workflows/netlicensing-python-ci.yml

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,3 @@
1-
# Runs on every push / pull-request against master.
2-
# Matrix: Python 3.11 – 3.14 | type-check (mypy) + tests (pytest) + coverage
3-
41
name: Python Client - CI
52

63
on:
@@ -9,8 +6,6 @@ on:
96
pull_request:
107
branches: [master]
118

12-
# Restrict the default GITHUB_TOKEN to read-only.
13-
# Individual jobs add back only the permissions they need.
149
permissions:
1510
contents: read
1611

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ markers = [
7070

7171
[tool.black]
7272
line-length = 120
73-
target-version = ["py310"]
73+
target-version = ["py311"]
7474

7575
[tool.isort]
7676
profile = "black"

0 commit comments

Comments
 (0)