From 8a665c898a2338b766fb7904bde441cdfc0207f2 Mon Sep 17 00:00:00 2001
From: cmandich <mandichc@gmail.com>
Date: Sun, 23 Jun 2024 23:25:04 -0700
Subject: [PATCH] Update GitActions to OIDC.

---
 .../workflows/python-public-prerelease.yml    | 31 +++++++------------
 .github/workflows/python-public-release.yml   | 29 ++++++-----------
 2 files changed, 22 insertions(+), 38 deletions(-)

diff --git a/.github/workflows/python-public-prerelease.yml b/.github/workflows/python-public-prerelease.yml
index 0646f0a..c389432 100644
--- a/.github/workflows/python-public-prerelease.yml
+++ b/.github/workflows/python-public-prerelease.yml
@@ -8,24 +8,17 @@ on:
     types: [prereleased]
 
 jobs:
-  deploy:
-
+  pypi-publish:
+    name: upload release to PyPI
     runs-on: ubuntu-latest
-
+    # Specifying a GitHub environment is optional, but strongly encouraged
+    environment: release
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up Python
-      uses: actions/setup-python@v2
-      with:
-        python-version: '3.x'
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install setuptools wheel twine
-    - name: Build and publish
-      env:
-        TWINE_USERNAME: ${{ secrets.TEST_PYPI_USERNAME }}
-        TWINE_PASSWORD: ${{ secrets.TEST_PYPI_PASSWORD }}
-      run: |
-        python setup.py sdist bdist_wheel
-        python3 -m twine upload --repository-url https://test.pypi.org/legacy/ dist/*
+      # retrieve your distributions here
+      - name: Publish package distributions to TestPyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          repository-url: https://test.pypi.org/legacy
diff --git a/.github/workflows/python-public-release.yml b/.github/workflows/python-public-release.yml
index 196a723..34dee74 100644
--- a/.github/workflows/python-public-release.yml
+++ b/.github/workflows/python-public-release.yml
@@ -8,24 +8,15 @@ on:
     types: [released]
 
 jobs:
-  deploy:
-
+  pypi-publish:
+    name: upload release to PyPI
     runs-on: ubuntu-latest
-
+    # Specifying a GitHub environment is optional, but strongly encouraged
+    environment: release
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up Python
-      uses: actions/setup-python@v2
-      with:
-        python-version: '3.x'
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install setuptools wheel twine
-    - name: Build and publish
-      env:
-        TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
-        TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
-      run: |
-        python setup.py sdist bdist_wheel
-        python3 -m twine upload dist/*
+      # retrieve your distributions here
+      - name: Publish package distributions to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1