From f527d97587fb55a789dd6b678f1a30a84de4b23c Mon Sep 17 00:00:00 2001
From: Henry <henry.webel@cpr.ku.dk>
Date: Sat, 27 Apr 2024 17:24:58 +0200
Subject: [PATCH] :wrench: try to update to OIDC

https://docs.pypi.org/trusted-publishers/
---
 .github/workflows/cicd.yml | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index a6b1576..349daba 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -103,16 +103,15 @@ jobs:
           - build_source_dist
           # - build_wheels
       runs-on: ubuntu-latest
-
+      environment:
+        name: testpypi
+        url: https://test.pypi.org/project/list-publications/
+      permissions:
+        id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
       steps:
           - uses: actions/download-artifact@v4
             with:
               name: artifact
               path: ./dist
-
-          - uses: pypa/gh-action-pypi-publish@release/v1
-            with:
-              # remove repository key to set the default to pypi (not test.pypi.org) 
-              repository-url: https://test.pypi.org/legacy/
-              user: __token__
-              password: ${{ secrets.PYPI_API_TOKEN }}
\ No newline at end of file
+          - Publish package distributions to PyPI
+          - uses: pypa/gh-action-pypi-publish@release/v1
\ No newline at end of file