Dev: Started using the trusted publisher concept of Pypi

Signed-off-by: Andreas Maier <[email protected]>
zhmcclient · Oct 9, 2024 · 6f9b75e · 6f9b75e
1 parent 83e2b01
commit 6f9b75e
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 8 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -166,18 +166,13 @@ jobs:
     - name: Display the distribution directory
       run: |
         ls -l dist
-    # - name: Publish distribution to TestPyPI
-    #   uses: pypa/gh-action-pypi-publish@release/v1
-    #   with:
-    #     packages_dir: dist
-    #     password: ${{ secrets.TEST_PYPI_API_TOKEN }}
-    #     repository_url: https://test.pypi.org/legacy/
     - name: Publish distribution to PyPI
       if: startsWith(github.ref, 'refs/tags')
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
-        packages_dir: dist
-        password: ${{ secrets.PYPI_API_TOKEN }}
+        packages-dir: dist
+        # Pypi has a trusted publisher defined, so we do not need a password:
+        # https://pypi.org/manage/project/zhmc_prometheus_exporter/settings/publishing/
 
     #-------- Creation of Github release
     - name: Determine whether release on Github exists for the pushed tag

diff --git a/changes/noissue.6.cleanup.rst b/changes/noissue.6.cleanup.rst
@@ -0,0 +1,2 @@
+Dev: Started using the trusted publisher concept of Pypi in order to avoid
+dealing with Pypi access tokens.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		Dev: Started using the trusted publisher concept of Pypi in order to avoid
		dealing with Pypi access tokens.