diff --git a/.github/workflows/test_publish.yml b/.github/workflows/test_publish.yml index b6b2adc..e0a2460 100644 --- a/.github/workflows/test_publish.yml +++ b/.github/workflows/test_publish.yml @@ -57,7 +57,7 @@ jobs: needs: [release] steps: - name: Download artifacts - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v7 with: merge-multiple: true pattern: dist-* diff --git a/.github/workflows/test_publish_pure_python.yml b/.github/workflows/test_publish_pure_python.yml index 34326f5..023defd 100644 --- a/.github/workflows/test_publish_pure_python.yml +++ b/.github/workflows/test_publish_pure_python.yml @@ -37,7 +37,7 @@ jobs: needs: [setenv] steps: - name: Download artifacts - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v7 with: merge-multiple: true pattern: dist-* diff --git a/docs/source/trusted_publishing.rst b/docs/source/trusted_publishing.rst index 478e8e2..ef11a09 100644 --- a/docs/source/trusted_publishing.rst +++ b/docs/source/trusted_publishing.rst @@ -43,12 +43,14 @@ We also add an if statement to the job so that it only runs on tags starting wit upload: if: startsWith(github.ref, 'refs/tags/v') - name: Use built dists and test upload + name: Upload built artifacts to PyPI runs-on: ubuntu-latest needs: [build] + permissions: + id-token: write steps: - name: Download artifacts - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v7 with: merge-multiple: true pattern: dist-* @@ -59,3 +61,4 @@ We also add an if statement to the job so that it only runs on tags starting wit You will also need to `Add a Trusted Publisher `__ to your PyPI project. +If, as recommended, you are using a deployment environment then don't forget to add that to the job description as well.