@hugovk OK I think I've finally found my bliss: https://github.com/hynek/environ-config/blob/main/.github/workflows/pypi-package.yml :3
@hynek Looks good!
I like the recent commits, the best way to debug CI :)
Good idea to make your own action to combine some common things, and I like splitting the upload steps into their own jobs, makes it very clear which one actually runs.
@hugovk also one last self-congratulation: if one has an Environment that is protected and needs a confirmation: all the package info for a last check are right there in the UI 🎉
@hynek I've not used environments yet. So you can isolate secrets in them? And then they need approval in the UI before they can run?
@hugovk yep it's amazing! You isolate secrets and you can add certain requirements that must be met, for such an environment to run. Of course, workflow approval requires 2FA. This is a game changer since you can add more committers but they don't get access to releasing.
@JakubKuczys I’ve used the protected version twice and had to verify both times so dunno