Adding a trusted publisher to a gem only requires a single setup step.
On your profile page, click the link to any gem you’d like to configure.
If you’re a gem owner, you’ll see a link to “Trusted publishers” on the right side of the page. Click that link.
This will take you to the gem’s trusted publishers page.
Click the “Create” button, which will take you to the publisher configuration page.
Providing the owner name, repository name, and GitHub Actions workflow name allows RubyGems to securely accept uploaded gems from the GitHub Actions infrastructure. If you have multiple workflows that push gems, you can create one Trusted Publisher for each workflow.
Once you click “Create Rubygem trusted publisher”, your publisher will be registered and will appear in the list of trusted publishers for this gem.
The push.yml workflow on indirect/indirect-trusted-publishing will be able to generate short-lived API tokens from RubyGems.org that are able to push to this gem.
A repo and workflow can be registered to multiple gems. For example, the release.yml workflow from the rails/rails repo can be registered for both the activerecord gems. Each gem can likewise allow multiple publishers, for example a single gem could allow both workflows
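
The sketch below is an added example, not RubyGems.org's code. It models how the owner, repository and workflow name limit which workflow runs may push, and how one workflow can be registered for several gems while one gem lists several publishers. It assumes matching on the GitHub Actions OIDC claims repository and job_workflow_ref; the gem name example-gem and all claim values are constructed.

```ruby
# Added illustration: simplified model of trusted-publisher matching, not
# RubyGems.org's code. `repository` and `job_workflow_ref` are GitHub Actions
# OIDC claims; matching on them is an assumption. Sample values are constructed.
Publisher = Struct.new(:owner, :repo, :workflow) do
  # True only when the claims name exactly this owner, repo and workflow file.
  def matches?(claims)
    path, _, git_ref = claims["job_workflow_ref"].to_s.partition("@")
    return false if git_ref.empty?
    claims["repository"] == "#{owner}/#{repo}" &&
      path == "#{owner}/#{repo}/.github/workflows/#{workflow}"
  end
end

class PublisherRegistry
  def initialize
    @by_gem = Hash.new { |h, k| h[k] = [] }
  end

  # Many-to-many: a publisher can serve several gems, a gem can list several.
  def register(gem_name, publisher)
    @by_gem[gem_name] << publisher
  end

  # Accept a push only if a publisher registered for this gem matches.
  def allowed?(gem_name, claims)
    @by_gem.fetch(gem_name, []).any? { |pub| pub.matches?(claims) }
  end
end

# Build constructed claims the way a workflow run in `repository` would carry them.
def claims_for(repository, workflow, ref = "refs/heads/main")
  { "repository" => repository,
    "job_workflow_ref" => "#{repository}/.github/workflows/#{workflow}@#{ref}" }
end

REGISTRY = PublisherRegistry.new
rails_release = Publisher.new("rails", "rails", "release.yml")
REGISTRY.register("activerecord", rails_release)
REGISTRY.register("example-gem", rails_release) # hypothetical gem name
REGISTRY.register("example-gem",
  Publisher.new("indirect", "indirect-trusted-publishing", "push.yml"))

if __FILE__ == $PROGRAM_NAME
  puts REGISTRY.allowed?("activerecord", claims_for("rails/rails", "release.yml"))
  puts REGISTRY.allowed?("activerecord", claims_for("rails/rails", "ci.yml"))
end
```

Registration is checked per gem, so a workflow trusted for one gem gets no access to a gem it was never registered for.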