Dev: Started using the trusted publisher concept of Pypi

Signed-off-by: Andreas Maier <[email protected]>
zhmcclient · Oct 9, 2024 · 4d1e4ed · 4d1e4ed
1 parent 272594c
commit 4d1e4ed
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 8 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -134,18 +134,13 @@ jobs:
     - name: Display the distribution directory
       run: |
         ls -l dist
-    # - name: Publish distribution to TestPyPI
-    #   uses: pypa/gh-action-pypi-publish@release/v1
-    #   with:
-    #     packages_dir: dist
-    #     password: ${{ secrets.TEST_PYPI_API_TOKEN }}
-    #     repository_url: https://test.pypi.org/legacy/
     - name: Publish distribution to PyPI
       if: startsWith(github.ref, 'refs/tags')
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
-        packages_dir: dist
-        password: ${{ secrets.PYPI_API_TOKEN }}
+        packages-dir: dist
+        # Pypi has a trusted publisher defined, so we do not need a password:
+        # https://pypi.org/manage/project/zhmcclient/settings/publishing/
 
     #-------- Creation of Github release
     - name: Determine whether release on Github exists for the pushed tag

diff --git a/changes/noissue.1.cleanup.rst b/changes/noissue.1.cleanup.rst
@@ -0,0 +1,2 @@
+Dev: Started using the trusted publisher concept of Pypi in order to avoid
+dealing with Pypi access tokens.