mirror of
https://github.com/natelandau/obsidian-metadata.git
synced 2025-11-18 09:53:40 -05:00
755151e2ed
ci(deps): bump step-security/harden-runner from 2.1.0 to 2.2.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](18bf8ad2ca...c8454efe5d)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
57 lines
1.7 KiB
YAML
57 lines
1.7 KiB
YAML
---
|
|
name: Publish to PyPi
|
|
on:
|
|
workflow_dispatch:
|
|
release:
|
|
types:
|
|
- published
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
publish-to-pypi:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
python-version: ["3.11"]
|
|
steps:
|
|
- uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v2.2.0
|
|
with:
|
|
egress-policy: block
|
|
disable-sudo: true
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
files.pythonhosted.org:443
|
|
github.com:443
|
|
install.python-poetry.org:443
|
|
pypi.org:443
|
|
python-poetry.org:443
|
|
upload.pypi.org:443
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup Python and Poetry
|
|
uses: ./.github/actions/setup-poetry
|
|
|
|
# ----------------------------------------------
|
|
# Test and then build the package
|
|
# ----------------------------------------------
|
|
- name: run poetry build
|
|
run: |
|
|
poetry run poetry check
|
|
poetry run coverage run
|
|
|
|
# ----------------------------------------------
|
|
# Publish to PyPi
|
|
# ----------------------------------------------
|
|
- name: Publish
|
|
env:
|
|
PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
|
|
run: |
|
|
poetry config pypi-token.pypi $PYPI_TOKEN
|
|
poetry publish --build
|