diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c0e9fa6c4..4fe60ceda 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,6 +7,8 @@ jobs: release_to_pypi: name: Release to PyPi runs-on: ubuntu-latest + permissions: + id-token: write steps: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 @@ -26,5 +28,6 @@ jobs: TAG: ${{ github.event.release.tag_name }} CODALAB_DOCKER_USERNAME: ${{ secrets.CODALAB_DOCKER_USERNAME }} CODALAB_DOCKER_PASSWORD: ${{ secrets.CODALAB_DOCKER_PASSWORD }} - TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} - TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} + # Uses trusted publishing to authenticate to PyPI: see https://docs.pypi.org/trusted-publishers/using-a-publisher/ + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 diff --git a/scripts/ci-deploy.sh b/scripts/ci-deploy.sh index 6cb8b1ed2..51458562b 100755 --- a/scripts/ci-deploy.sh +++ b/scripts/ci-deploy.sh @@ -18,5 +18,5 @@ PUSH_FLAG=$([ -z "${CODALAB_DOCKER_USERNAME}" ] || echo "--push") python3 codalab_service.py build --version v$tag --pull $PUSH_FLAG if [ "$tag" != "master" ]; then python3 codalab_service.py build --version latest --pull $PUSH_FLAG - ./scripts/upload-to-pypi.sh $tag + python3 setup.py bdist_wheel sdist fi diff --git a/scripts/upload-to-pypi.sh b/scripts/upload-to-pypi.sh deleted file mode 100755 index 5e82532ea..000000000 --- a/scripts/upload-to-pypi.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash -# upload-to-pypi.sh -# Builds and uploads Codalab pip packages - -usage() -{ - echo "Build pip packags from the codebase (requires TWINE_USERNAME and TWINE_PASSWORD environment variables to be set). [[VERSION: Version to use for packages]]" -} - -VER=$1 -set -e - -echo "==> Packaging codalab" -python3 setup.py bdist_wheel sdist -echo "==> Uploading codalab" -twine upload dist/codalab-$VER.tar.gz -twine upload dist/codalab-$VER-py3-none-any.whl