From c8d4cfb6b8f2c60bdf070cd328ca4b5946b2033f Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu, 28 Nov 2024 13:09:45 -0500
Subject: [PATCH] Added a workflow to automatically upload artifacts on tag

---
 .github/workflows/release.yml | 56 +++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 .github/workflows/release.yml

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 00000000..0949c4c8
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,56 @@
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - "*.*.*"
+
+name: release
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: Build distributions for PyPI
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - name: Set up Python
+        uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
+
+      - name: Install build dependencies
+        run: python -m pip install uv
+
+      - name: Build distributions
+        run: python -m uv build
+
+      - name: Upload distributions
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+        with:
+          name: pyopenssl-dists
+          path: dist/
+
+  pypi:
+    name: Publish to PyPI
+    runs-on: ubuntu-latest
+    needs:
+      - build
+
+    permissions:
+      # Used to authenticate to PyPI via OIDC.
+      id-token: write
+
+    steps:
+      - name: fetch dists
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+        with:
+          name: pyopenssl-dists
+          path: dist/
+
+      - name: publish
+        if: github.event_name == 'push'
+        uses: pypa/gh-action-pypi-publish@8a08d616893759ef8e1aa1f2785787c0b97e20d6 # v1.10.0
+        with:
+          attestations: true