| on: |
| workflow_dispatch: |
| push: |
| tags: |
| - "*.*.*" |
| |
| name: release |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| build: |
| name: Build distributions for PyPI |
| runs-on: ubuntu-latest |
| |
| steps: |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 |
| |
| - name: Set up Python |
| uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 |
| |
| - name: Install build dependencies |
| run: python -m pip install build |
| |
| - name: Build distributions |
| run: python -m build |
| |
| - name: Upload distributions |
| uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 |
| with: |
| name: certifi-dists |
| path: dist/ |
| |
| pypi: |
| name: Publish to PyPI |
| runs-on: ubuntu-latest |
| environment: release |
| |
| needs: |
| - build |
| |
| permissions: |
| # Used to authenticate to PyPI via OIDC. |
| id-token: write |
| |
| steps: |
| - name: fetch dists |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 |
| with: |
| name: certifi-dists |
| path: dist/ |
| |
| - name: publish |
| if: github.event_name == 'push' |
| uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0 |
