Release to PyPI as a trusted publisher#

Starting on ansys/actions version 6, repository maintainers can benefit from the Trusted Publishers release to PyPI approach.

Traditionally, projects have made use of the PyPI API token to upload packages to PyPI. This approach is still supported, but it is recommended to use the Trusted Publishers approach when possible. If you are a repository maintainer and you want to release to PyPI as a trusted publisher, follow these steps:

  1. Contact the PyAnsys Core Team to request your project to be added to the list of authorized repositories to release as a trusted publisher.

  2. (Optional) Create a dedicated release environment on your GitHub repository. This step is optional, but it is strongly encouraged. To create a new environment, go to the Environments documentation. Contact the PyAnsys Core Team in case of doubts.

  3. Adapt your release section in your workflow as follows:

      name: Release project
      if: ${{ github.event_name == 'push' && contains(github.ref, 'refs/tags') }}
      needs: [package]
      runs-on: ubuntu-latest
      # Specifying a GitHub environment is optional, but strongly encouraged
      environment: release
        id-token: write
        contents: write
        - name: Release to the public PyPI repository
          uses: ansys/actions/release-pypi-public@v6
            library-name: ${{ env.PACKAGE_NAME }}
            use-trusted-publisher: true
        - name: Release to GitHub
          uses: ansys/actions/release-github@v6
            library-name: ${{ env.PACKAGE_NAME }}