Refactor GitHub Actions workflows for package building and publishing#256
Refactor GitHub Actions workflows for package building and publishing#256LoserCheems merged 3 commits intomainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Refactors the GitHub Actions CI/CD workflows to simplify package build + release publishing by replacing the multi-matrix wheel build pipeline with a single python -m build artifact build and streamlined release/PyPI publishing.
Changes:
- Replace multi-job/matrix wheel builds with a single Ubuntu build producing sdist + wheel via
python -m build. - Upload
dist/*directly to GitHub Releases and publish the same artifacts to PyPI using Twine. - Remove the reusable
_build.ymlworkflow and simplify manual publishing and ad-hoc build workflows.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| .github/workflows/publish.yml | Consolidates build + GitHub Release + PyPI publish into a single job using python -m build. |
| .github/workflows/manual_publish.yml | Updates manual publish to use python -m build and simplified dependency installation. |
| .github/workflows/build.yml | Replaces calling the deleted reusable wheel builder with a direct “build sdist and wheel” workflow. |
| .github/workflows/_build.yml | Removes the complex reusable CUDA/PyTorch/matrix wheel builder workflow. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| python -m pip install --upgrade pip | ||
| pip install build twine | ||
|
|
||
| - name: Build package artifacts |
There was a problem hiding this comment.
Previously the publishing flow explicitly set FLASH_SPARSE_ATTENTION_SKIP_CUDA_BUILD: \"TRUE\" when building the source distribution, which prevents attempting to compile CUDA components on a vanilla ubuntu-latest runner. The new python -m build step dropped that environment variable, so the build may now fail in CI if the package build backend tries to compile CUDA extensions by default. Consider restoring the env var on the build step (or updating the build configuration to default to a CPU-only build for sdist/wheel), so tag publishing remains reliable.
| - name: Build package artifacts | |
| - name: Build package artifacts | |
| env: | |
| FLASH_SPARSE_ATTENTION_SKIP_CUDA_BUILD: "TRUE" |
| - name: Build core package | ||
| env: | ||
| FLASH_SPARSE_ATTENTION_SKIP_CUDA_BUILD: "TRUE" | ||
| - name: Build package artifacts |
There was a problem hiding this comment.
The manual publish workflow also removed FLASH_SPARSE_ATTENTION_SKIP_CUDA_BUILD: \"TRUE\" that previously prevented CUDA compilation during packaging. If the project can optionally build CUDA extensions, this change can break manual publishing on non-CUDA runners. Restore the env var (or otherwise ensure python -m build produces CPU-only artifacts) to keep manual releases functional.
| - name: Build package artifacts | |
| - name: Build package artifacts | |
| env: | |
| FLASH_SPARSE_ATTENTION_SKIP_CUDA_BUILD: "TRUE" |
| - name: Upload release assets | ||
| if: inputs.upload-to-release && inputs.release-version != '' | ||
| uses: softprops/action-gh-release@v2 | ||
| with: | ||
| tag_name: ${{ inputs.release-version }} | ||
| files: dist/* |
There was a problem hiding this comment.
The condition inputs.release-version != '' can behave unexpectedly if the input is unset (GitHub Actions inputs can be null depending on the trigger), which may allow this step to run with an empty/invalid tag_name. Prefer a truthiness check such as if: inputs.upload-to-release && inputs.release-version (or explicitly guard both != '' and != null) to ensure a valid tag is always provided when uploading release assets.
| run: python -m build | ||
|
|
||
| - name: Create or update release | ||
| uses: softprops/action-gh-release@v2 |
There was a problem hiding this comment.
For supply-chain hardening, consider pinning third-party GitHub Actions (notably softprops/action-gh-release@v2) to an immutable commit SHA instead of a moving tag. This reduces the risk of unexpected changes impacting the release/publish pipeline.
| uses: softprops/action-gh-release@v2 | |
| uses: softprops/action-gh-release@2b0c9d5c169aeb7baf5120a0610b4bea7f6e6c6e |
The changes refactor the GitHub Actions workflows to streamline the process of building and publishing package artifacts. The new setup simplifies dependency installation, builds the package using modern tools, and enhances the release process by uploading artifacts directly to GitHub releases and PyPI. This update improves maintainability and clarity in the CI/CD pipeline.