Migrate from PyPI tokens to Trusted Publishers (#106)

* Migrate from PyPI tokens to Trusted Publishers * Update release.yml * Update release.yml
iterative · Sep 11, 2023 · 8fb6b05 · 8fb6b05
1 parent c4e24f9
commit 8fb6b05
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/{{cookiecutter.project_name}}/.github/workflows/release.yml b/{{cookiecutter.project_name}}/.github/workflows/release.yml
@@ -10,6 +10,10 @@ env:
 
 jobs:
   release:
+    environment: pypi
+    permissions:
+      contents: read
+      id-token: write
     runs-on: ubuntu-latest
     steps:
     - name: Check out the repository
@@ -34,5 +38,3 @@ jobs:
     - name: Upload package
       if: github.event_name == 'release'
       uses: pypa/gh-action-pypi-publish@release/v1
-      with:
-        password: ${{"{{"}} secrets.PYPI_TOKEN {{"}}"}}