From 3775f8248f90e6d209b8e2c54d34ec518eb25c41 Mon Sep 17 00:00:00 2001
From: Alex Lubbock <code@alexlubbock.com>
Date: Thu, 8 Aug 2024 19:44:53 +0100
Subject: [PATCH] ci: release using dedicated github action (#24)

---
 .github/workflows/python-publish.yml | 24 +++++++-----------------
 1 file changed, 7 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index 1af6567..52693fa 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -12,22 +12,12 @@ jobs:
   deploy:
 
     runs-on: ubuntu-latest
+    environment: production
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
 
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up Python
-      uses: actions/setup-python@v2
-      with:
-        python-version: '3.x'
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install setuptools wheel twine
-    - name: Build and publish
-      env:
-        TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
-        TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
-      run: |
-        python setup.py sdist bdist_wheel
-        twine upload dist/*
-
+    - uses: actions/checkout@v4
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1