From 53a1385984f2d4ab3d0ef63638fd9870b2597deb Mon Sep 17 00:00:00 2001
From: Nejc Habjan <nejc.habjan@siemens.com>
Date: Thu, 3 Oct 2024 17:08:44 +0200
Subject: [PATCH] chore(ci): use trusted OIDC publishing

---
 .github/workflows/publish.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 97032df..f859db5 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -11,13 +11,15 @@ env:
 jobs:
   publish:
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v4
         with:
           python-version: "3.11"
       - uses: abatilo/actions-poetry@v2
-      - name: Publish package
-        run: |
-          poetry install -n --no-dev
-          poetry publish --build -u __token__ -p ${{ secrets.PYPI_SECRET }}
+      - name: Build package
+        run: poetry build
+      - name: Publish package to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1