Add PyPI release workflow with trusted publishing #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CLA Assistant" | |
| on: | |
| issue_comment: | |
| types: [created] | |
| pull_request_target: | |
| types: [opened, closed, synchronize] | |
| # Explicitly set permissions for the workflow | |
| permissions: | |
| actions: write | |
| contents: write | |
| pull-requests: write | |
| statuses: write | |
| jobs: | |
| cla-check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "CLA Assistant" | |
| if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' | |
| uses: contributor-assistant/github-action@v2.6.1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # This should be a Personal Access Token with repo scope | |
| PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT_PAT }} | |
| with: | |
| path-to-signatures: '.github/CLA_SIGNATORIES.json' | |
| path-to-document: 'https://github.com/${{ github.repository }}/blob/main/CLA.md' | |
| # Branch where CLA signatures will be stored | |
| branch: 'main' | |
| allowlist: 'dependabot[bot],github-actions[bot]' | |
| # Customizable messages | |
| remote-organization-name: 'Unsupervised.com, Inc.' | |
| remote-repository-name: 'deepwork' | |
| # Custom text for the CLA comment | |
| custom-pr-sign-comment: 'I have read the CLA Document and I hereby sign the CLA' | |
| custom-allsigned-prcomment: 'All contributors have signed the CLA. ✅' | |
| lock-pullrequest-aftermerge: false | |
| use-dco-flag: true |