Skip to article frontmatterSkip to article content
Site not loading correctly?

This may be due to an incorrect BASE_URL configuration. See the MyST Documentation for reference.

Set Up GitHub Trusted Publishing

Trusted publishing lets GitHub Actions publish releases to Sysand Index without storing a long-lived API token in repository secrets.

Use this when GitHub Actions should publish a project release.

Before You Start

You need a Sysand Index project you can manage and a GitHub Actions workflow that builds the package release artifact.

For client installation and command usage, use the Sysand client documentation.

Add A GitHub Publisher

  1. Open the project’s trusted publishers page.

  2. Add a GitHub trusted publisher.

  3. Enter the repository and workflow details requested by the form.

  4. Save the publisher.

Keep the configuration narrow so only the intended repository and workflow can publish.

Update The GitHub Workflow

Configure the workflow to request an OpenID Connect token and publish with the sysand client. Command syntax belongs in the Sysand client documentation.

Publish A Test Release

Run the workflow on a test release first.

After the workflow completes, check that the release appears on the project page, renders its metadata, and is discoverable.

Troubleshooting

If publishing fails, compare the GitHub workflow identity with the trusted publisher. Repository, workflow, branch, or environment restrictions must match.