Switch to PyPI publishing via a trusted publisher.
Change-Id: Ie94c5e6931f8fa70f238c9a5360874ff8833876a
Reviewed-on: https://code-review.googlesource.com/c/re2/+/62972
Reviewed-by: Perry Lorier <perryl@google.com>
Reviewed-by: Paul Wankadia <junyer@google.com>
diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml
index 7b09f29..7f97adc 100644
--- a/.github/workflows/python.yml
+++ b/.github/workflows/python.yml
@@ -184,6 +184,10 @@
- wheel-linux
- wheel-macos
- wheel-windows
+ permissions:
+ contents: read
+ # Required for PyPI publishing.
+ id-token: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4.1.1
@@ -224,5 +228,4 @@
- if: inputs.build >= 1
uses: pypa/gh-action-pypi-publish@v1.8.14
with:
- password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: python/dist