Skip to content

Commit f1c623c

Browse files
committed
Move exposure of github token to only the steps that need it.
1 parent 362200e commit f1c623c

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

source/guides/github-actions-ci-cd-sample/publish-to-test-pypi.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -61,9 +61,6 @@ jobs:
6161
contents: write # IMPORTANT: mandatory for making GitHub Releases
6262
id-token: write # IMPORTANT: mandatory for sigstore
6363

64-
env:
65-
GITHUB_TOKEN: ${{ github.token }}
66-
6764
steps:
6865
- name: Download all the dists
6966
uses: actions/download-artifact@v3
@@ -77,12 +74,16 @@ jobs:
7774
./dist/*.tar.gz
7875
./dist/*.whl
7976
- name: Create GitHub Release
77+
env:
78+
GITHUB_TOKEN: ${{ github.token }}
8079
run: >-
8180
gh release create
8281
'${{ github.ref_name }}'
8382
--repo '${{ github.repository }}'
8483
--notes ""
8584
- name: Upload artifact signatures to GitHub Release
85+
env:
86+
GITHUB_TOKEN: ${{ github.token }}
8687
# Upload to GitHub Release using the `gh` CLI.
8788
# `dist/` contains the built packages, and the
8889
# sigstore-produced signatures and certificates.

0 commit comments

Comments
 (0)