99 release :
1010 if : github.repository == 'python-gitlab/python-gitlab'
1111 runs-on : ubuntu-latest
12+ concurrency : release
1213 permissions :
1314 id-token : write
1415 environment : pypi.org
@@ -17,19 +18,21 @@ jobs:
1718 with :
1819 fetch-depth : 0
1920 token : ${{ secrets.RELEASE_GITHUB_TOKEN }}
20- - name : mint API token
21- id : mint-token
22- run : |
23- resp=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=pypi")
24- oidc_token=$(jq '.value' <<< "${resp}")
2521
26- resp=$(curl -X POST https://pypi.org/_/oidc/github/mint-token -d "{\"token\":${oidc_token}}")
27- api_token=$(jq '.token' <<< "${resp}" | tr -d '"')
28-
29- echo "::add-mask::${api_token}"
30- echo "api-token=${api_token}" >> "${GITHUB_OUTPUT}"
3122 - name : Python Semantic Release
32- uses : relekang /python-semantic-release@v8.0.8
23+ uses : python-semantic-release /python-semantic-release@v8.0.8
3324 with :
3425 github_token : ${{ secrets.RELEASE_GITHUB_TOKEN }}
35- pypi_token : ${{ steps.mint-token.outputs.api-token }}
26+
27+ - name : Publish package distributions to PyPI
28+ uses : pypa/gh-action-pypi-publish@release/v1
29+ # NOTE: DO NOT wrap the conditional in ${{ }} as it will always evaluate to true.
30+ # See https://github.com/actions/runner/issues/1173
31+ if : steps.release.outputs.released == 'true'
32+
33+ - name : Publish package distributions to GitHub Releases
34+ # TODO: track tags after https://github.com/python-semantic-release/upload-to-gh-release/issues/2
35+ uses : python-semantic-release/upload-to-gh-release@0f96c02a48278aff14251e9f1a0d73122a8c638b
36+ if : steps.release.outputs.released == 'true'
37+ with :
38+ github_token : ${{ secrets.GITHUB_TOKEN }}
0 commit comments