ci.github: switch to pypa/gh-action-pypi-publish

.github/workflows/release.yml

@@ -51,6 +51,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: write
+      id-token: write
     steps:
       - uses: actions/checkout@v4
         with:
@@ -65,7 +66,6 @@ jobs:
           python -m pip install -U
           jinja2
           requests
-          twine
       - uses: actions/download-artifact@v3
         with:
           name: dist
@@ -74,8 +74,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: ./script/github-release.py dist/*.tar.gz{,.asc}
+      - name: Delete signatures before deploying to PyPI
+        run: rm dist/*.asc
       - name: PyPI release
-        env:
-          PYPI_USER: streamlink
-          PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
-        run: ./script/deploy-pypi.sh
+        uses: pypa/gh-action-pypi-publish@release/v1

script/deploy-pypi.sh

@@ -1,32 +0,0 @@
-#!/usr/bin/env bash
-shopt -s nullglob
-set -e
-
-
-version=$(python setup.py --version)
-dist_dir=${STREAMLINK_DIST_DIR:-dist}
-
-
-if [[ "${1}" = "-n" ]] || [[ "${1}" = "--dry-run" ]]; then
-    echo >&2 "deploy: dry-run (${version})"
-    for file in "${dist_dir}"/streamlink-"${version}"{.tar.gz,-*.whl}; do
-        echo >&2 "${file}"
-    done
-
-else
-    if ! python -m pip -q show twine; then
-        echo >&2 "deploy: missing dependency 'twine'"
-        exit 1
-    fi
-
-    if [[ -z "${PYPI_USER}" ]] || [[ -z "${PYPI_PASSWORD}" ]]; then
-        echo >&2 "deploy: missing PYPI_USER or PYPI_PASSWORD env var"
-        exit 1
-    fi
-
-    echo >&2 "deploy: Uploading files to PyPI (${version})"
-    twine upload \
-        --username "${PYPI_USER}" \
-        --password "${PYPI_PASSWORD}" \
-        "${dist_dir}"/streamlink-"${version}"{.tar.gz,-*.whl}
-fi