From b842abd46cf0264beea5c89438b9ecf5fe6d2b78 Mon Sep 17 00:00:00 2001
From: gschnabel <40870991+gschnabel@users.noreply.github.com>
Date: Mon, 22 Jan 2024 20:10:36 +0100
Subject: [PATCH] and another attempt...

---
 .github/workflows/publish_package.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/publish_package.yml b/.github/workflows/publish_package.yml
index 5c8ba86c..344810fa 100644
--- a/.github/workflows/publish_package.yml
+++ b/.github/workflows/publish_package.yml
@@ -36,20 +36,24 @@ jobs:
           resp=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
             "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=pypi")
           oidc_token=$(jq '.value' <<< "${resp}")
+          echo "oidc_token: " $oidc_token
 
           # exchange the OIDC token for an API token
           resp=$(curl -X POST https://pypi.org/_/oidc/mint-token -d "{\"token\": \"${oidc_token}\"}")
           api_token=$(jq '.token' <<< "${resp}")
+          echo "api_token: " $api_token
 
           # mask the newly minted API token, so that we don't accidentally leak it
-          echo "::add-mask::${api_token}"
+          # echo "::add-mask::${api_token}"
 
           # see the next step in the workflow for an example of using this step output
           echo "api-token=${api_token}" >> "${GITHUB_OUTPUT}"
 
       - name: Publish package
         env:
-          PYPI_USER: __token__
+          # PYPI_USER: __token__
           PYPI_PASSWORD: ${{ steps.mint-token.outputs.api-token }}
         run: |
-          poetry publish --username $PYPI_USER --password $PYPI_PASSWORD
+          echo $PYPI_PASSWORD
+          poetry config pypi-token.pypi $PYPI_PASSWORD
+          poetry publish