From c0d034fb1a3daf38e5faede43d831cd3ca0d62a8 Mon Sep 17 00:00:00 2001
From: Kristen Thyng <kthyng@gmail.com>
Date: Fri, 21 Jun 2024 15:28:39 -0500
Subject: [PATCH] updated pypi release workflow

---
 .github/workflows/release.yaml | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 558c629..478eaf6 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -6,19 +6,23 @@ on: [push]
 
 jobs:
   release:
+    name: Upload release to PyPI
     runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/intake-coops
+    permissions:
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-python@v4
+      - uses: actions/setup-python@v5
       - name: Install dependencies
         run: |
-          python -m pip install -U pip wheel "setuptools<66.0.0" setuptools-scm twine
+          python -m pip install -U pip wheel setuptools setuptools-scm twine
+        # python -m pip install -U pip wheel "setuptools<66.0.0" setuptools-scm twine
       - name: Build distributions
         run: python setup.py sdist bdist_wheel
 
       - name: Publish to PyPI
         if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
-        uses: pypa/gh-action-pypi-publish@master
-        with:
-          user: ${{ secrets.PYPI_USERNAME }}
-          password: ${{ secrets.PYPI_PASSWORD }}
+        uses: pypa/gh-action-pypi-publish@release/v1
\ No newline at end of file