From 0ea837404a54217d4cbc6c861e675cdfeafd2048 Mon Sep 17 00:00:00 2001 From: Predrag Gruevski <2348618+obi1kenobi@users.noreply.github.com> Date: Tue, 31 Oct 2023 21:36:38 -0400 Subject: [PATCH] Only publish to test PyPI from the `_test_release.yml` workflow. (#12668) PyPI trusted publishing wants to know which workflow is expected to do the publish. We always want to publish from the same workflow, so we're making `_test_release.yml` the only workflow that publishes to Test PyPI. --- .github/workflows/_release.yml | 34 +++++----------------------------- 1 file changed, 5 insertions(+), 29 deletions(-) diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml index 237b998ee3a10..c16b21246037d 100644 --- a/.github/workflows/_release.yml +++ b/.github/workflows/_release.yml @@ -64,35 +64,11 @@ jobs: test-pypi-publish: needs: - build - runs-on: ubuntu-latest - permissions: - # This permission is used for trusted publishing: - # https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/ - # - # Trusted publishing has to also be configured on PyPI for each package: - # https://docs.pypi.org/trusted-publishers/adding-a-publisher/ - id-token: write - - steps: - - uses: actions/checkout@v4 - - - uses: actions/download-artifact@v3 - with: - name: dist - path: ${{ inputs.working-directory }}/dist/ - - - name: Publish to test PyPI - uses: pypa/gh-action-pypi-publish@release/v1 - with: - packages-dir: ${{ inputs.working-directory }}/dist/ - verbose: true - print-hash: true - repository-url: https://test.pypi.org/legacy/ - - # We overwrite any existing distributions with the same name and version. - # This is *only for CI use* and is *extremely dangerous* otherwise! - # https://github.com/pypa/gh-action-pypi-publish#tolerating-release-package-file-duplicates - skip-existing: true + uses: + ./.github/workflows/_test_release.yml + with: + working-directory: ${{ inputs.working-directory }} + secrets: inherit pre-release-checks: needs: