From bb0be158f03441efe94d5dff7c3b70764b24505c Mon Sep 17 00:00:00 2001
From: Adam Cheng <52572642+adamchengtkc@users.noreply.github.com>
Date: Fri, 22 Mar 2024 08:42:51 +0100
Subject: [PATCH] pypi trusted publsiher

---
 .github/workflows/publish.yml | 33 ++++++++++++++-------------------
 pyproject.toml                |  2 +-
 2 files changed, 15 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 9b62366..a115317 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,11 +4,13 @@
 name: build and publish
  
 on:
-  workflow_dispatch:
+  push:
+    tags:
+    - '[0-9]+.[0-9]+.[0-9]'
     
 permissions:
   id-token: write
-  contents: write
+  contents: read
 
 jobs:
   test3d:
@@ -47,27 +49,20 @@ jobs:
         with:
             python-version: '3.11'
 
-      - name: Azure key vault login
-        uses: Azure/login@v1
-        with:
-            client-id: ${{ secrets.AZURE_CLIENT_ID }}
-            tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-            allow-no-subscriptions: true
-
-      - name: Fetch secrets
-        uses: azure/CLI@v1
-        with:
-            azcliversion: 2.42.0
-            inlineScript: |
-                echo PYPI_TOKEN=$(az keyvault secret show --vault-name PSSCloudDev --name PYPI-Token --query value -o tsv) >> $GITHUB_ENV
-        
       - name: Install dependencies
         run: |
             curl -sSL https://install.python-poetry.org | python3
             poetry install --with dev --no-interaction
             
-      - name: Build and publish
+      - name: Update version (kept at 0.0.0) in pyproject.toml and build
         run: |
-            poetry config pypi-token.pypi ${{ env.PYPI_TOKEN }}
+            poetry version ${{ github.ref_name }}
             poetry build
-            poetry publish
+
+      - name: Mint token
+        id: mint
+        uses: tschm/token-mint-action@v1.0.3
+
+      - name: Publish the package with poetry
+        run: |
+          poetry publish -u __token__ -p '${{ steps.mint.outputs.api-token }}'
\ No newline at end of file
diff --git a/pyproject.toml b/pyproject.toml
index 04631a7..fdc1e3a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "warmth"
-version = "0.0.1"
+version = "0.0.0"
 description = ""
 authors = ["Adam Cheng <52572642+adamchengtkc@users.noreply.github.com>"]
 readme = "README.md"