From c6e5b9948a63e354cc1f8010aa1e6982147a56fb Mon Sep 17 00:00:00 2001
From: Adam Janovsky <janovsky.vm@gmail.com>
Date: Thu, 18 May 2023 15:13:01 +0200
Subject: [PATCH] pypi: switch to trusted publishing

---
 .github/workflows/release.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 163f6014..b2343139 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -8,6 +8,11 @@ jobs:
     name: Release on PyPi
     runs-on: ubuntu-latest
     if: github.repository == 'crocs-muni/sec-certs'
+    environment:
+      name: pypi
+      url: https://pypi.org/project/sec-certs/
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v3
         with:
@@ -23,9 +28,6 @@ jobs:
         run: python -m build
       - name: Publish package to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          user: ${{ secrets.PYPI_USERNAME }}
-          password: ${{ secrets.PYPI_PASSWORD }}
   docker_release:
     name: Release on DockerHub
     runs-on: ubuntu-latest