| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # GitHub recommends pinning actions to a commit SHA. | |
| # To get a newer version, you will need to update the SHA. | |
| # You can also reference a tag or branch, but the action may change without warning. | |
| name: Upload Python Package | |
| on: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: read | |
| jobs: | |
| release-build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.x" | |
| - name: Build release distributions | |
| run: | | |
| # NOTE: put your own distribution build steps here. | |
| python -m pip install build | |
| python -m build | |
| - name: Upload distributions | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-dists | |
| path: dist/ | |
| pypi-publish: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - release-build | |
| permissions: | |
| # IMPORTANT: this permission is mandatory for trusted publishing | |
| id-token: write | |
| # Dedicated environments with protections for publishing are strongly recommended. | |
| environment: | |
| name: pypi | |
| # OPTIONAL: uncomment and update to include your PyPI project URL in the deployment status: | |
| # url: https://pypi.org/p/YOURPROJECT | |
| steps: | |
| - name: Retrieve release distributions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-dists | |
| path: dist/ | |
| - name: Publish release distributions to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |