Pypi publishing is broken #252

Open
glimchb opened this issue Feb 11, 2025 · 2 comments

glimchb commented Feb 11, 2025

In https://github.com/argonne-lcf/dlio_benchmark/actions/workflows/cd.yml publishing to PyPI is broken.

I do see the image here https://pypi.org/project/dlio-benchmark/2.0.0/

But CI should be fixed as well.

log:

```
Trusted publishing exchange failure: 
Token request failed: the server refused the request for the following reasons:

* `invalid-publisher`: valid token, but no corresponding publisher (All lookup strategies exhausted)

This generally indicates a trusted publisher configuration error, but could
also indicate an internal error on GitHub or PyPI's part.


The claims rendered below are **for debugging purposes only**. You should **not**
use them to configure a trusted publisher unless they already match your expectations.

If a claim is not present in the claim set, then it is rendered as `MISSING`.

* `sub`: `repo:argonne-lcf/dlio_benchmark:ref:refs/tags/v2.0.0`
* `repository`: `argonne-lcf/dlio_benchmark`
* `repository_owner`: `argonne-lcf`
* `repository_owner_id`: `52420195`
* `job_workflow_ref`: `argonne-lcf/dlio_benchmark/.github/workflows/cd.yml@refs/tags/v2.0.0`
* `ref`: `refs/tags/v2.0.0`

See https://docs.pypi.org/trusted-publishers/troubleshooting/ for more help.
```
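
As an added example (not from the issue or the project), this Python sketch parses the claims rendered in the log above and lists which fields of a candidate trusted-publisher entry they would fail to match. The publisher dictionaries and the comparison rules (owner, repository, workflow filename, optional environment, compared case-insensitively) are assumptions modelled on the fields of PyPI's GitHub publisher form, not PyPI's own code.

```python
import re

# Claims block copied from the log in the issue above.
LOG = """\
* `sub`: `repo:argonne-lcf/dlio_benchmark:ref:refs/tags/v2.0.0`
* `repository`: `argonne-lcf/dlio_benchmark`
* `repository_owner`: `argonne-lcf`
* `repository_owner_id`: `52420195`
* `job_workflow_ref`: `argonne-lcf/dlio_benchmark/.github/workflows/cd.yml@refs/tags/v2.0.0`
* `ref`: `refs/tags/v2.0.0`
"""
CLAIM_LINE = re.compile(r"^\* `([^`]+)`: `([^`]*)`\s*$")


def parse_claims(log_text):
    """Return {claim: value}; a claim rendered as MISSING maps to None."""
    claims = {}
    for line in log_text.splitlines():
        m = CLAIM_LINE.match(line.strip())
        if m:
            claims[m.group(1)] = None if m.group(2) == "MISSING" else m.group(2)
    return claims


def diff_publisher(claims, publisher):
    """Name the fields of a publisher entry that the token's claims do not satisfy."""
    problems = []
    owner, _, name = (claims.get("repository") or "").partition("/")
    if owner.lower() != publisher["owner"].lower():
        problems.append("owner")
    if name.lower() != publisher["repository"].lower():
        problems.append("repository")
    # job_workflow_ref has the form <owner>/<repo>/.github/workflows/<file>@<ref>
    workflow_path = (claims.get("job_workflow_ref") or "").rpartition("@")[0]
    if workflow_path.rsplit("/", 1)[-1] != publisher["workflow"]:
        problems.append("workflow")
    # Assumption: an environment is compared only when the entry names one.
    env = publisher.get("environment")
    if env and (claims.get("environment") or "").lower() != env.lower():
        problems.append("environment")
    return problems


if __name__ == "__main__":
    # Constructed publisher entries (hypothetical; the page does not show the real one).
    base = {"owner": "argonne-lcf", "repository": "dlio_benchmark", "workflow": "cd.yml"}
    for entry in (base, {**base, "environment": "pypi"}, {**base, "workflow": "release.yml"}):
        print(entry, "->", diff_publisher(parse_claims(LOG), entry) or "match")
```

An empty result for every field while PyPI still answers `invalid-publisher` points at the other side of the exchange: no publisher entry registered for the project at all.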

@zhenghh04 (Member)

Thanks @glimchb for reporting this.

@izzet, could you take a look at this issue?

izzet (Contributor) commented Feb 21, 2025

I revisited my notes and confirmed that we addressed this issue in #224 by opting out of the Trusted Publishers flow. We removed `permissions: id-token: write` from the CI script, which prevents the `pypa/gh-action-pypi-publish` action from using OIDC tokens and instead relies on a manually provided PyPI API token (stored as `${{ secrets.PYPI_DLIO_TOKEN }}` in the script).

@zhenghh04 - In short, the script is now correctly configured and should work properly for the next release once it's ready.
