From 4bc21d5a2cfc7d976c47daf8e8e6809d58323075 Mon Sep 17 00:00:00 2001 From: Thomas Robitaille Date: Thu, 14 Nov 2024 23:24:39 +0000 Subject: [PATCH 1/2] Disable attestations in pypi-publish workflow --- .github/workflows/publish.yml | 1 + .github/workflows/publish_pure_python.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 2f934d88..084ddca6 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -264,6 +264,7 @@ jobs: user: __token__ password: ${{ secrets.pypi_token }} repository-url: ${{ inputs.repository_url }} + attestations: false # https://github.com/pypi/warehouse/issues/11096 - uses: OpenAstronomy/publish-wheels-anaconda@main if: ${{ inputs.upload_to_anaconda }} with: diff --git a/.github/workflows/publish_pure_python.yml b/.github/workflows/publish_pure_python.yml index 6298e8d3..e3dca3ca 100644 --- a/.github/workflows/publish_pure_python.yml +++ b/.github/workflows/publish_pure_python.yml @@ -141,6 +141,7 @@ jobs: user: __token__ password: ${{ secrets.pypi_token }} repository-url: ${{ inputs.repository_url }} + attestations: false # https://github.com/pypi/warehouse/issues/11096 - uses: OpenAstronomy/publish-wheels-anaconda@main if: ${{ inputs.upload_to_anaconda }} with: From 9feb28d6e57012b08ee56ca4519b89122361c7a2 Mon Sep 17 00:00:00 2001 From: Thomas Robitaille Date: Thu, 14 Nov 2024 23:47:32 +0000 Subject: [PATCH 2/2] TMP: try setting permissions --- .github/workflows/publish_pure_python.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/publish_pure_python.yml b/.github/workflows/publish_pure_python.yml index e3dca3ca..310f9f43 100644 --- a/.github/workflows/publish_pure_python.yml +++ b/.github/workflows/publish_pure_python.yml @@ -90,6 +90,8 @@ jobs: name: Build source and wheel distribution runs-on: ${{ inputs.runs-on }} timeout-minutes: ${{ inputs.timeout-minutes }} + permissions: + id-token: write steps: - uses: actions/setup-python@v5 if: ${{ inputs.env != '' }}