Trusted publishing can't be a reusable workflow

praw-dev · Oct 1, 2023 · 5240be0 · 5240be0
1 parent ca143b5
commit 5240be0
Showing 1 changed file with 20 additions and 7 deletions.
diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
@@ -1,12 +1,25 @@
 jobs:
   pypi-publish:
-    name: Publish Python Package
-    secrets: inherit
-    uses: praw-dev/.github/.github/workflows/pypi.yml@main
-name: Publish Python Package
+    environment: release
+    name: Upload release to PyPI
+    permissions:
+      id-token: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install build
+      - name: Build package
+        run: python -m build
+      - name: Publish package distributions to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+name: Upload Python Package
 on:
   release:
     types: [ published ]
-permissions:
-  contents: read
-  id-token: write