From 8156fdcfa527061fe795a4823964e3ae84cb0b19 Mon Sep 17 00:00:00 2001 From: "Lumberbot (aka Jack)" <39504233+meeseeksmachine@users.noreply.github.com> Date: Thu, 18 Jan 2024 19:06:24 +0100 Subject: [PATCH] Backport PR #2406: Add write permissions to release workflow (#2407) Co-authored-by: Martin Kim <46072231+martinkim0@users.noreply.github.com> --- .github/workflows/release.yml | 43 ++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 146bf87bca..b0c5f882e0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,30 +1,31 @@ -name: Upload release to PyPI +name: Release on: - push: - tags: - - "*.*.*" + release: + types: [published] jobs: + permissions: + id-token: write + release: - name: Release + name: Upload release to PyPI runs-on: ubuntu-latest - + environment: + name: pypi + url: https://pypi.org/project/scvi-tools/ + permissions: + id-token: write steps: - - name: Checkout code - uses: actions/checkout@v3 - - - name: Set up Python 3.11 - uses: actions/setup-python@v4 + - uses: actions/checkout@v4 with: - python-version: "3.11" - - - name: Install hatch - run: | - python -m pip install --upgrade hatch - - - name: Build project for distribution - run: hatch build - - - name: Publish a Python distribution to PyPI + filter: blob:none + fetch-depth: 0 + - uses: actions/setup-python@v4 + with: + python-version: "3.x" + cache: "pip" + - run: pip install build + - run: python -m build + - name: Publish package distributions to PyPI uses: pypa/gh-action-pypi-publish@release/v1