From 8422afe9e713c708cfc9b70cd82803e19d38ed81 Mon Sep 17 00:00:00 2001
From: abel <67806187+standard3@users.noreply.github.com>
Date: Sun, 30 Jun 2024 17:07:09 +0200
Subject: [PATCH] chore: allow CI to read PyPI token

---
 .github/workflows/release.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3dd07d1..7e002a5 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -6,7 +6,7 @@ name: build & release
 on:
   # Triggers the workflow on push or pull request events but only for the master branch
   push:
-    branch: [main, master]
+    branch: main
     tags:
       - 'v*'
 
@@ -22,6 +22,10 @@ jobs:
       matrix:
         python-versions: ['3.10']
 
+    # authorize job to read secrets
+    permissions:
+      id-token: write
+
     # map step outputs to job outputs so they can be share among jobs
     outputs:
       package_version: ${{ steps.variables_step.outputs.package_version }}