From ec7db6f240c4b3f023d12c25a0b0a8d7b3779dd8 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Mon, 5 Feb 2024 12:15:26 -0800 Subject: [PATCH] Add GitHub environments for packages (#265) Signed-off-by: Eric Brown --- .github/workflows/publish-to-pypi.yml | 4 +++- .github/workflows/publish-to-test-pypi.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml index 3058ec6a..c3d96014 100644 --- a/.github/workflows/publish-to-pypi.yml +++ b/.github/workflows/publish-to-pypi.yml @@ -6,8 +6,10 @@ jobs: build-n-publish: name: Build and publish to PyPI runs-on: ubuntu-latest + environment: + name: PyPI + url: https://pypi.org/project/bandit permissions: - # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/publish-to-test-pypi.yml b/.github/workflows/publish-to-test-pypi.yml index 6738c648..285746d7 100644 --- a/.github/workflows/publish-to-test-pypi.yml +++ b/.github/workflows/publish-to-test-pypi.yml @@ -6,8 +6,10 @@ jobs: build-n-publish: name: Build and publish to Test PyPI runs-on: ubuntu-latest + environment: + name: Test PyPI + url: https://test.pypi.org/project/bandit permissions: - # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: - uses: actions/checkout@v4