From 41c10ee2235741ab2691f9bab18dfe23717dc485 Mon Sep 17 00:00:00 2001 From: Dustin Ingram Date: Fri, 11 Aug 2023 11:23:40 -0400 Subject: [PATCH] Add link to configuration docs for Trusted Publishing --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 986a218..eb88d93 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ This action supports PyPI's [trusted publishing] implementation, which allows authentication to PyPI without a manually configured API token or username/password combination. To perform [trusted publishing] with this action, your project's -publisher must already be configured on PyPI. +publisher must already be [configured on PyPI]. To enter the trusted publishing flow, configure this action's job with the `id-token: write` permission and **without** an explicit username or password: @@ -277,5 +277,6 @@ https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md [warehouse#12965]: https://github.com/pypi/warehouse/issues/12965 [trusted publishing]: https://docs.pypi.org/trusted-publishers/ +[configured on PyPI]: https://docs.pypi.org/trusted-publishers/adding-a-publisher/ [how to specify username and password]: #specifying-a-different-username