Switch PyPI publishing to use trusted publishers (#1284)

### Summary This PR follows Qiskit/rustworkx#1001 to update the release CI workflow to use PyPI's trusted publisher mechanism. (cherry picked from commit cfb47e2)
qiskit-community · Nov 1, 2023 · c6a9b8f · c6a9b8f
1 parent 6b66777
commit c6a9b8f
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -7,14 +7,17 @@ jobs:
   wheel-build:
     name: Build and Publish Release Artifacts
     runs-on: ubuntu-latest
+    environment: release
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         name: Install Python
         with:
           python-version: '3.8'
       - name: Install Deps
-        run: pip install -U twine wheel
+        run: pip install -U wheel
       - name: Build Artifacts
         run: |
           python setup.py sdist
@@ -24,7 +27,4 @@ jobs:
         with:
           path: ./dist/qiskit*
       - name: Publish to PyPi
-        env:
-          TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
-          TWINE_USERNAME: qiskit
-        run: twine upload dist/qiskit*
+        uses: pypa/gh-action-pypi-publish@release/v1