From 034b3803b95660fa581d5e92b5ea8387a561fc7c Mon Sep 17 00:00:00 2001
From: Jack Gerrits <jack@jackgerrits.com>
Date: Tue, 1 Oct 2024 20:21:55 -0400
Subject: [PATCH] Use trusted publisher for pypi release

---
 .github/workflows/python-package.yml | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml
index 94edf117de20..b2274e641989 100644
--- a/.github/workflows/python-package.yml
+++ b/.github/workflows/python-package.yml
@@ -7,6 +7,7 @@ name: python-package
 on:
   release:
     types: [published]
+  workflow_dispatch:
 permissions: {}
   # actions: read
   # checks: read
@@ -19,7 +20,11 @@ jobs:
         os: ['ubuntu-latest']
         python-version: [3.10]
     runs-on: ${{ matrix.os }}
-    environment: package
+    environment:
+      name: package
+      url: https://pypi.org/p/autogen-agentchat
+    permissions:
+      id-token: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -48,6 +53,5 @@ jobs:
         run: |
           pip install twine
           python setup.py sdist bdist_wheel
-      - name: Publish to PyPI
-        shell: pwsh
-        run: twine upload dist/*
+      - name: Publish package to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1