From 54034df3506b44af327315bbf447eb92176f6c62 Mon Sep 17 00:00:00 2001
From: Mikita Sakalouski <38785549+mikita-sakalouski@users.noreply.github.com>
Date: Wed, 29 May 2024 22:14:37 +0200
Subject: [PATCH] chore: Update release workflow to include id-token permission
 for trusted publishing

---
 .github/workflows/release.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f2b6d47..b9298c7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,8 +1,5 @@
 name: release 
 
-permissions:
-  id-token: write
-
 on:
   push:
     tags:
@@ -74,6 +71,11 @@ jobs:
     needs: python-artifacts
     if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
     runs-on: ubuntu-latest
+    # Specifying a GitHub environment is optional, but strongly encouraged
+    environment: release
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
 
     steps:
       - name: Download Python artifacts