.github/workflows/release.yml - certifi/python-certifi - Git at Google

 on:
   workflow_dispatch:
   push:
     tags:
       - "*.*.*"

 name: release

 permissions:
   contents: read

 jobs:
   build:
     name: Build distributions for PyPI
     runs-on: ubuntu-latest

     steps:
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4

       - name: Set up Python
         uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0

       - name: Install build dependencies
         run: python -m pip install build

       - name: Build distributions
         run: python -m build

       - name: Upload distributions
         uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: certifi-dists
           path: dist/

   pypi:
     name: Publish to PyPI
     runs-on: ubuntu-latest
     environment: release

     needs:
       - build

     permissions:
       # Used to authenticate to PyPI via OIDC.
       id-token: write

     steps:
       - name: fetch dists
         uses: actions/download-artifact@9c19ed7fe5d278cd354c7dfd5d3b88589c7e2395 # v4.1.6
         with:
           name: certifi-dists
           path: dist/

       - name: publish
         if: github.event_name == 'push'
         uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
	on:
	workflow_dispatch:
	push:
	tags:
	- "..*"

	name: release

	permissions:
	contents: read

	jobs:
	build:
	name: Build distributions for PyPI
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4

	- name: Set up Python
	uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0

	- name: Install build dependencies
	run: python -m pip install build

	- name: Build distributions
	run: python -m build

	- name: Upload distributions
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: certifi-dists
	path: dist/

	pypi:
	name: Publish to PyPI
	runs-on: ubuntu-latest
	environment: release

	needs:
	- build

	permissions:
	# Used to authenticate to PyPI via OIDC.
	id-token: write

	steps:
	- name: fetch dists
	uses: actions/download-artifact@9c19ed7fe5d278cd354c7dfd5d3b88589c7e2395 # v4.1.6
	with:
	name: certifi-dists
	path: dist/

	- name: publish
	if: github.event_name == 'push'
	uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14