From 9f9ba9fdcadc97aa50f82d9752bc3733d6a396e0 Mon Sep 17 00:00:00 2001
From: "Edgar R. M" <edgar@meltano.com>
Date: Tue, 18 Apr 2023 14:44:27 -0600
Subject: [PATCH] chore: Use PyPI OIDC to publish (#21)

---
 .github/workflows/release_workflow.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release_workflow.yml b/.github/workflows/release_workflow.yml
index 801f997..fcd7685 100644
--- a/.github/workflows/release_workflow.yml
+++ b/.github/workflows/release_workflow.yml
@@ -2,7 +2,11 @@ name: Upload Python Package
 
 on:
   release:
-    types: [created]
+    types: [published]  # Trigger only when a release is published, not when a release is drafted
+
+permissions:
+  contents: write  # Needed to upload artifacts to the release
+  id-token: write  # Needed for OIDC PyPI publishing
 
 jobs:
   build_deploy:
@@ -35,7 +39,5 @@ jobs:
         tag: ${{ github.ref }}
         overwrite: true
         file_glob: true
-    - name: Deploy to PyPI
-      run: |
-        poetry publish -r testpypi -u "__token__" -p "${{ secrets.TEST_PYPI_TOKEN }}"
-        poetry publish -u "__token__" -p "${{ secrets.PYPI_TOKEN }}"
+    - name: Publish
+      uses: pypa/gh-action-pypi-publish@v1.8.5