From 72772cd118226e46eef7223ddbc2f0abd82785cb Mon Sep 17 00:00:00 2001 From: Gerrod Ubben Date: Thu, 30 Oct 2025 14:15:35 -0400 Subject: [PATCH] Test out using RubyGems' Trusted Publisher --- .github/workflows/publish.yml | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 92342372..1c9af773 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -47,10 +47,6 @@ jobs: id-token: "write" steps: - - name: "Clean up dist directory" - run: | - rm -rf dist/* - - name: "Download Python client" uses: "actions/download-artifact@v4" with: @@ -66,21 +62,16 @@ jobs: runs-on: "ubuntu-latest" needs: - "build" - - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + environment: + name: "rubygems" + permissions: + id-token: "write" steps: - - uses: "actions/checkout@v4" - with: - fetch-depth: 1 - path: "pulp_ostree" - - name: "Download Ruby client" uses: "actions/download-artifact@v4" with: name: "ruby-client.tar" - path: "pulp_ostree/" - name: "Untar Ruby client packages" run: | @@ -90,15 +81,12 @@ jobs: with: ruby-version: "2.6" - - name: "Setting secrets" - run: | - python3 .github/workflows/scripts/secrets.py "$SECRETS_CONTEXT" - env: - SECRETS_CONTEXT: "${{ toJson(secrets) }}" + - name: "Set RubyGems Credentials" + uses: "rubygems/configure-rubygems-credentials@v1.0.0" - - name: "Publish client to rubygems" + - name: "Publish client to RubyGems" run: | - bash .github/workflows/scripts/publish_client_gem.sh ${{ github.ref_name }} + gem push "pulp_ostree_client-${{ github.ref_name }}.gem" create-gh-release: runs-on: "ubuntu-latest"