THRIFT-5946: Use trusted publishing for Ruby gem releases
diff --git a/.github/workflows/release_ruby.yml b/.github/workflows/release_ruby.yml
new file mode 100644
index 0000000..0909456
--- /dev/null
+++ b/.github/workflows/release_ruby.yml
@@ -0,0 +1,52 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+name: Release Ruby Gem
+
+on:
+ release:
+ types: [published]
+ workflow_dispatch:
+
+jobs:
+ publish:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: write
+ id-token: write
+
+ environment: release
+
+ steps:
+ # Set up
+ - uses: actions/checkout@v6
+ with:
+ persist-credentials: false
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ bundler-cache: true
+ ruby-version: "4.0"
+ working-directory: lib/rb
+
+ # Release
+ - uses: rubygems/release-gem@v1
+ with:
+ working-directory: lib/rb
diff --git a/lib/rb/Rakefile b/lib/rb/Rakefile
index fab0f3c..993a93b 100644
--- a/lib/rb/Rakefile
+++ b/lib/rb/Rakefile
@@ -21,6 +21,7 @@
require 'rake'
require 'rake/clean'
require 'rspec/core/rake_task'
+require 'bundler/gem_tasks'
THRIFT = '../../compiler/cpp/thrift'