ci: PyPI attestations (#5374)

This commit is contained in:
Henry Schreiner 2024-09-13 20:21:43 -04:00 committed by GitHub
parent 5b7c0b04b9
commit 0cf3a0f7b5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -91,11 +91,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.event_name == 'release' && github.event.action == 'published' if: github.event_name == 'release' && github.event.action == 'published'
needs: [packaging] needs: [packaging]
environment: pypi environment:
name: pypi
url: https://pypi.org/p/pybind11
permissions: permissions:
id-token: write id-token: write
attestations: write attestations: write
contents: read
steps: steps:
# Downloads all to directories matching the artifact names # Downloads all to directories matching the artifact names
@ -110,8 +111,10 @@ jobs:
uses: pypa/gh-action-pypi-publish@release/v1 uses: pypa/gh-action-pypi-publish@release/v1
with: with:
packages-dir: standard/ packages-dir: standard/
attestations: true
- name: Publish global package - name: Publish global package
uses: pypa/gh-action-pypi-publish@release/v1 uses: pypa/gh-action-pypi-publish@release/v1
with: with:
packages-dir: global/ packages-dir: global/
attestations: true