From 99d7fb4ef0a420e4a689bafecba5189127d657ba Mon Sep 17 00:00:00 2001 From: Arya Massarat <23412689+aryarm@users.noreply.github.com> Date: Fri, 14 Jun 2024 15:46:16 -0700 Subject: [PATCH] update to newest poetry and use pypi trusted publishing --- .github/workflows/release.yml | 13 +++++++------ dev-env.yml | 2 +- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 93f52177..1a14fe7b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,6 +9,10 @@ jobs: release: name: Release runs-on: ubuntu-latest + environment: release + permissions: + # IMPORTANT: this permission is mandatory for trusted publishing + id-token: write steps: - uses: GoogleCloudPlatform/release-please-action@v4.0.2 id: release @@ -24,7 +28,7 @@ jobs: if: ${{ steps.release.outputs.release_created }} uses: actions/setup-python@v4 with: - python-version: '3.8' + python-version: '3.8' # keep in sync with dev-env.yml - name: Upgrade pip if: ${{ steps.release.outputs.release_created }} @@ -35,7 +39,7 @@ jobs: - name: Install Poetry if: ${{ steps.release.outputs.release_created }} run: | - pip install 'poetry==1.7.1' + pip install 'poetry==1.8.3' # keep version in sync with dev-env.yml poetry --version - name: Build package @@ -45,7 +49,4 @@ jobs: - name: Publish package on PyPI if: ${{ steps.release.outputs.release_created }} - uses: pypa/gh-action-pypi-publish@v1.5.0 - with: - user: __token__ - password: ${{ secrets.PYPI_TOKEN }} + uses: pypa/gh-action-pypi-publish@v1.8.14 diff --git a/dev-env.yml b/dev-env.yml index 1185872f..5821b711 100644 --- a/dev-env.yml +++ b/dev-env.yml @@ -7,7 +7,7 @@ dependencies: - conda-forge::pip==23.3.2 - bioconda::bcftools==1.19 - bioconda::art==2016.06.05 - - conda-forge::poetry==1.7.1 + - conda-forge::poetry==1.8.3 # keep in sync with release.yml - conda-forge::nox==2023.04.22 - conda-forge::poetry-plugin-export==1.6.0 - pip: