diff options
| -rw-r--r-- | .github/workflows/release.yml | 8 | ||||
| -rwxr-xr-x | scripts/dev/build_release.py | 3 |
2 files changed, 10 insertions, 1 deletions
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1323ce605..288186eb1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -149,8 +149,14 @@ jobs: run: | python -m pip install -U pip python -m pip install -U -r misc/requirements/requirements-tox.txt + # FIXME consider switching to trusted publishers: + # https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/ - name: Build and upload release - run: "tox -e build-release -- --upload --no-confirm --experimental --gh-token ${{ secrets.GITHUB_TOKEN }}" + run: "tox -e build-release -- --upload --no-confirm --experimental" + env: + TWINE_USERNAME: __token__ + TWINE_PASSWORD: ${{ secrets.QUTEBROWSER_BOT_TEST_PYPI_TOKEN }} # FIXME use real token + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} finalize: runs-on: ubuntu-20.04 timeout-minutes: 5 diff --git a/scripts/dev/build_release.py b/scripts/dev/build_release.py index acbe31507..fe2ec16c3 100755 --- a/scripts/dev/build_release.py +++ b/scripts/dev/build_release.py @@ -539,6 +539,9 @@ def read_github_token( if arg_token is not None: return arg_token + if "GITHUB_TOKEN" in os.environ: + return os.environ["GITHUB_TOKEN"] + token_path = pathlib.Path.home() / '.gh_token' if not token_path.exists(): if optional: |