From 1cd8b4b59a32ea270dc7e54991ff04d5aacc23de Mon Sep 17 00:00:00 2001
From: Sebastien Morais <sebastien.morais@ansys.com>
Date: Fri, 7 Jun 2024 09:23:36 +0200
Subject: [PATCH] CI: Use Trusted Publisher to release package

---
 .github/workflows/ci_cd.yml | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci_cd.yml b/.github/workflows/ci_cd.yml
index 7ddd8cdac9..e9377ad315 100644
--- a/.github/workflows/ci_cd.yml
+++ b/.github/workflows/ci_cd.yml
@@ -312,16 +312,20 @@ jobs:
     if: github.event_name == 'push' && contains(github.ref, 'refs/tags')
     needs: [package]
     runs-on: ubuntu-latest
+    # Specifying a GitHub environment is optional, but strongly encouraged
+    environment: release
+    permissions:
+      id-token: write
+      contents: write
     steps:
       - name: Release to the public PyPI repository
-        uses: ansys/actions/release-pypi-public@v5
+        uses: ansys/actions/release-pypi-public@v6
         with:
           library-name: ${{ env.PACKAGE_NAME }}
-          twine-username: "__token__"
-          twine-token: ${{ secrets.PYPI_TOKEN }}
+          use-trusted-publisher: true
 
       - name: Release to GitHub
-        uses: ansys/actions/release-github@v5
+        uses: ansys/actions/release-github@v6
         with:
           library-name: ${{ env.PACKAGE_NAME }}