diff --git a/.github/actions/publish-pypi/action.yml b/.github/actions/publish-pypi/action.yml index 20e4576dc..c37c95671 100644 --- a/.github/actions/publish-pypi/action.yml +++ b/.github/actions/publish-pypi/action.yml @@ -5,6 +5,13 @@ inputs: os: description: "operating system" required: true + username: + description: "username" + required: true + password: + description: "password" + required: true + runs: using: "composite" @@ -37,8 +44,13 @@ runs: CIBW_MANYLINUX_X86_64_IMAGE: "manylinux_2_28" - name: Publish to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 - with: - user: ${{ secrets.PYPI_USERNAME }} - password: ${{ secrets.PYPI_PASSWORD }} - packages_dir: ./dist/ + shell: bash + run: | + twine upload -r pypi -u "${{ inputs.username }}" -p "${{ inputs.password }}" dist/* + + #- name: Publish to PyPI + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # user: ${{ inputs.username }} + # password: ${{ inputs.password }} + # packages-dir: ./dist/ diff --git a/.github/workflows/publish-artifact.yml b/.github/workflows/publish-artifact.yml index 6367fe8d7..fe44c0c7e 100644 --- a/.github/workflows/publish-artifact.yml +++ b/.github/workflows/publish-artifact.yml @@ -3,6 +3,11 @@ name: Publish Python package to PyPI on: release: types: [ created ] + secrets: + PYPI_USERNAME: + required: true + PYPI_PASSWORD: + required: true permissions: contents: read @@ -18,7 +23,6 @@ jobs: permissions: id-token: write steps: - # - uses: ./.github/actions/checkout - name: Harden the runner (Audit all outbound calls) uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 with: @@ -34,3 +38,5 @@ jobs: - uses: ./.github/actions/publish-pypi with: os: ${{ runner.os }} + username: ${{ secrets.PYPI_USERNAME }} + password: ${{ secrets.PYPI_PASSWORD }}