From cfb47e24fae4173ea106de4b84e686a7933f8589 Mon Sep 17 00:00:00 2001
From: Helena Zhang <Helena.Zhang@ibm.com>
Date: Mon, 16 Oct 2023 17:48:55 -0400
Subject: [PATCH] Switch PyPI publishing to use trusted publishers (#1284)

### Summary

This PR follows https://github.com/Qiskit/rustworkx/pull/1001 to update
the release CI workflow to use PyPI's trusted publisher mechanism.
---
 .github/workflows/release.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ddd408f251..8c7a18ce1d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,6 +7,9 @@ jobs:
   wheel-build:
     name: Build and Publish Release Artifacts
     runs-on: ubuntu-latest
+    environment: release
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
@@ -14,7 +17,7 @@ jobs:
         with:
           python-version: '3.8'
       - name: Install Deps
-        run: pip install -U twine wheel
+        run: pip install -U wheel
       - name: Build Artifacts
         run: |
           python setup.py sdist
@@ -24,7 +27,4 @@ jobs:
         with:
           path: ./dist/qiskit*
       - name: Publish to PyPi
-        env:
-          TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
-          TWINE_USERNAME: qiskit
-        run: twine upload dist/qiskit*
+        uses: pypa/gh-action-pypi-publish@release/v1