diff --git a/.github/workflows/publish_to_pypi.yml b/.github/workflows/publish_to_pypi.yml index fba7faae21c..4d2c0ed03ca 100644 --- a/.github/workflows/publish_to_pypi.yml +++ b/.github/workflows/publish_to_pypi.yml @@ -1,48 +1,43 @@ +--- name: Publish Pypi package - on: workflow_call: - jobs: publish_to_pypi: name: Publish Python 🐍 package 📦 to PyPI runs-on: ubuntu-latest + permissions: + # This permission is required for trusted publishing. + id-token: write + contents: read env: ZENML_DEBUG: 1 ZENML_ANALYTICS_OPT_IN: false - PYTHONIOENCODING: 'utf-8' - + PYTHONIOENCODING: utf-8 steps: - - uses: actions/checkout@v3 - + - uses: actions/checkout@v4.1.1 - name: Get the version from the github tag ref id: get_version run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//} - - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v5.0.0 with: python-version: '3.8' - - name: Install Poetry - uses: snok/install-poetry@v1 + uses: snok/install-poetry@v1.3.4 with: virtualenvs-create: true virtualenvs-in-project: true - - name: Include latest dashboard - shell: bash - env: - TAG: v0.9.0 - run: scripts/install-dashboard.sh - - - name: publish - env: - PYPI_USERNAME: ${{ secrets.PYPI_USERNAME }} - PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} - run: | + run: bash scripts/install-dashboard.sh + - name: Build package + run: poetry build + - name: Mint token + id: mint + uses: tschm/token-mint-action@v1.0.2 + - name: Publish the package with poetry + run: |- if [ "$(cat src/zenml/VERSION)" = "$(echo ${GITHUB_REF} | sed 's|refs/tags/||g')" ]; - then ./scripts/publish.sh; + then poetry publish -u __token__ -p '${{ steps.mint.outputs.api-token }}'; else echo "Version mismatch between src/zenml/VERSION and branch tag" && exit 1; fi -