From 3007932454b536e9df15b2cb9ef6315dd4e6348a Mon Sep 17 00:00:00 2001 From: Henning Kage Date: Fri, 15 Mar 2024 08:34:03 +0100 Subject: [PATCH 1/2] Changed the publish workflow --- .github/workflows/publish.yml | 14 ++++++++------ CHANGELOG.rst | 1 + 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index a0a4281..51da8b9 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,8 +6,13 @@ on: jobs: publish: + name: Upload release to PyPI runs-on: ubuntu-latest - environment: production + environment: + name: production + url: https://pypi.org/project/planning-poker/ + permissions: + id-token: write # IMPORTANT: mandatory for trusted publishing steps: - uses: actions/checkout@v2 - name: Set up Python @@ -28,8 +33,5 @@ jobs: run: | django-admin compilemessages python setup.py sdist bdist_wheel - - name: Publish package - uses: pypa/gh-action-pypi-publish@release/v1.4 - with: - user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 diff --git a/CHANGELOG.rst b/CHANGELOG.rst index dedace3..5223068 100755 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,7 @@ Changelog Development ----------- +* Changed publish workflow to match the Trusted Publisher Management in PyPI * Updated Django requirement 1.0.3 (2022-09-01) From 7b3f4dca9f91baa5b26466601ac922532368efb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcus=20Kl=C3=B6pfel?= Date: Fri, 15 Mar 2024 14:35:34 +0100 Subject: [PATCH 2/2] Updated external actions --- .github/workflows/publish.yml | 6 +++--- .github/workflows/tests.yml | 14 ++++++++------ 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 51da8b9..0918146 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -14,13 +14,13 @@ jobs: permissions: id-token: write # IMPORTANT: mandatory for trusted publishing steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v5 with: python-version: '3.x' - name: Set up Node.js - uses: actions/setup-node@v2 + uses: actions/setup-node@v4 with: node-version: '12' - name: Install dependencies diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 7c6e32f..3d087f2 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -13,9 +13,9 @@ jobs: python-version: [3.8, 3.9] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install dependencies @@ -31,19 +31,20 @@ jobs: run: coverage xml if: ${{ success() }} - name: Upload coverage report - uses: codecov/codecov-action@v2 + uses: codecov/codecov-action@v4 with: files: coverage.xml flags: unittests + token: ${{ secrets.CODECOV_TOKEN }} if: ${{ success() }} js-tests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up Node.js - uses: actions/setup-node@v2 + uses: actions/setup-node@v4 with: node-version: '12' - name: Install dependencies @@ -51,8 +52,9 @@ jobs: - name: Run tests run: npm run test:coverage - name: Upload coverage report - uses: codecov/codecov-action@v2 + uses: codecov/codecov-action@v4 with: files: ./coverage/cobertura-coverage.xml flags: unittests + token: ${{ secrets.CODECOV_TOKEN }} if: ${{ success() }}