diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..f783564 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,26 @@ +on: + release: + types: + - published + +name: release + +jobs: + pypi-publish: + name: Upload release to PyPI + runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/pyvulnerabilitylookup + permissions: + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Install Poetry + run: python -m pip install --upgrade pip poetry + - name: Build artifacts + run: poetry build + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1