name: Publish Supervision Releases to PyPI on: release: types: [published] workflow_dispatch: pull_request: branches: [main, develop] paths: - ".github/workflows/build-package.yml" - ".github/workflows/publish-release.yml" permissions: {} # Explicitly remove all permissions by default jobs: build: permissions: contents: read uses: ./.github/workflows/build-package.yml publish-release: name: Publish Release Package needs: build runs-on: ubuntu-latest environment: name: release url: https://pypi.org/project/supervision/ timeout-minutes: 10 permissions: id-token: write # Required for PyPI publishing contents: write # Required for checkout and upload assets steps: - name: 📥 Download distribution artifacts uses: actions/download-artifact@v8 with: name: dist path: dist/ - name: List distribution artifacts run: ls -lh dist/ - name: 📦 Upload assets to Release if: github.event_name == 'release' uses: AButler/upload-release-assets@v4.0 with: files: "dist/*" repo-token: ${{ secrets.GITHUB_TOKEN }} - name: 🚀 Publish to PyPi # We only want to publish to PyPi if the event is a release and it's not a pre-release. if: (github.event_name == 'release' && github.event.release.prerelease != true) || github.event_name == 'workflow_dispatch' uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: attestations: true