Use pypi-publish instead of tokens

pupil-labs · Jun 1, 2023 · 01998ac · 01998ac
1 parent 6d73206
commit 01998ac
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -66,5 +66,14 @@ jobs:
       - name: Release
         run: tox -e release
         env:
-          TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  pypi-publish:
+    needs:
+      - release
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    steps:
+      - name: Publish package distributions to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
diff --git a/tox.ini b/tox.ini
@@ -28,12 +28,8 @@ deps =
 	twine>=3
 	jaraco.develop>=7.1
 passenv =
-	TWINE_PASSWORD
 	GITHUB_TOKEN
-setenv =
-	TWINE_USERNAME = {env:TWINE_USERNAME:__token__}
 commands =
 	python -c "import shutil; shutil.rmtree('dist', ignore_errors=True)"
 	python -m build
-	python -m twine upload dist/*
 	python -m jaraco.develop.create-github-release