From d16806de05fabfb0f6c063b17413a94c515a68fd Mon Sep 17 00:00:00 2001
From: Julian B <jeriox@users.noreply.github.com>
Date: Thu, 19 Sep 2024 19:23:03 +0200
Subject: [PATCH] move publish workflow to pypi trusted publishing

---
 .github/workflows/publish.yml | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 5d40d5810..2f289b82f 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -6,10 +6,18 @@ on:
 jobs:
   pypi:
     runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/ephios
+    permissions:
+      id-token: write
     steps:
     - uses: actions/checkout@v4
-    - name: Build and publish to pypi
-      uses: JRubics/poetry-publish@v2.0
-      with:
-        pypi_token: ${{ secrets.PYPI_TOKEN }}
-        plugins: "poetry-dynamic-versioning[plugin]"
+    - name: Install poetry
+      run: |
+        pipx install poetry
+        pipx inject poetry "poetry-dynamic-versioning[plugin]"
+    - name: Build wheel
+      run: poetry build
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1