From ad240bdacc521a297f6c2e597cc27a214b983f22 Mon Sep 17 00:00:00 2001
From: Rob Hammond <13874373+RHammond2@users.noreply.github.com>
Date: Fri, 13 Sep 2024 13:33:28 -0700
Subject: [PATCH] add permissions to pypi and test-pypi runners (#181)

---
 .github/workflows/publish-to-pypi.yml      | 2 ++
 .github/workflows/publish-to-test-pypi.yml | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml
index ff0d2f36..a580f705 100644
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish-to-pypi.yml
@@ -13,6 +13,8 @@ jobs:
     # Upload to PyPI on every published release
     if: github.event.action == 'published'
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
 
     steps:
       - uses: actions/checkout@v4
diff --git a/.github/workflows/publish-to-test-pypi.yml b/.github/workflows/publish-to-test-pypi.yml
index d7407ab8..14f67869 100644
--- a/.github/workflows/publish-to-test-pypi.yml
+++ b/.github/workflows/publish-to-test-pypi.yml
@@ -14,6 +14,8 @@ jobs:
     environment: release
     if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
 
     steps:
       - uses: actions/checkout@v4