diff --git a/.github/workflows/reusable-python-publish_pypi_package.yml b/.github/workflows/reusable-python-publish_pypi_package.yml index 60c238a..27254cb 100644 --- a/.github/workflows/reusable-python-publish_pypi_package.yml +++ b/.github/workflows/reusable-python-publish_pypi_package.yml @@ -52,9 +52,6 @@ on: JFROG_ARTIFACTORY_TOKEN: description: 'JFrog Artifactory Token' required: true - PYPI_TOKEN: - description: 'PyPI Token' - required: false defaults: run: @@ -99,6 +96,7 @@ jobs: publish_package: name: Publish package permissions: + id-token: write contents: read runs-on: 'ubuntu-latest' timeout-minutes: 5 @@ -142,7 +140,6 @@ jobs: verbose: true packages-dir: ${{ env.build-dir-path }}/ repository-url: https://${{ matrix.virtual-repo-name == 'test-pypi' && 'test.pypi' || 'upload.pypi'}}.org/legacy/ - password: ${{ secrets.PYPI_TOKEN }} add_release_asset: name: Add release asset permissions: diff --git a/.github/workflows/reusable-python-release_pypi_assets.yml b/.github/workflows/reusable-python-release_pypi_assets.yml index 64e66b1..20ef0a9 100644 --- a/.github/workflows/reusable-python-release_pypi_assets.yml +++ b/.github/workflows/reusable-python-release_pypi_assets.yml @@ -23,9 +23,6 @@ on: JFROG_ARTIFACTORY_TOKEN: description: 'JFrog Artifactory Token' required: true - PYPI_TOKEN: - description: 'PyPI Token' - required: false defaults: run: @@ -35,6 +32,7 @@ jobs: publish_pypi_assets: name: Publish PyPI assets permissions: + id-token: write contents: write if: ${{ github.repository_owner == 'MiraGeoscience' }} runs-on: 'ubuntu-latest' @@ -74,4 +72,3 @@ jobs: verbose: true packages-dir: download-assets/ repository-url: https://${{ matrix.virtual-repo-name == 'test-pypi' && 'test.pypi' || 'upload.pypi'}}.org/legacy/ - password: ${{ secrets.PYPI_TOKEN }}