From cceee6ede7a88b29b24a02405e65fe4770adfd1c Mon Sep 17 00:00:00 2001
From: Ewoud Kohl van Wijngaarden <ewoud@kohlvanwijngaarden.nl>
Date: Tue, 11 Feb 2025 13:33:38 +0100
Subject: [PATCH] Use trusted publishers to release gems

Link: https://community.theforeman.org/t/use-trusted-publishers-to-release-gems/42009
---
 .github/workflows/release.yml | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 98614b63..5adc06ae 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,7 +1,7 @@
 ---
 name: Release
 
-on:
+on:  # yamllint disable-line rule:truthy
   push:
     tags:
       - '*'
@@ -9,8 +9,12 @@ on:
 jobs:
   release:
     name: Release gem
-    uses: theforeman/actions/.github/workflows/release-gem.yml@v0
-    with:
-      allowed_owner: theforeman
-    secrets:
-      api_key: ${{ secrets.RUBYGEM_API_KEY }}
+    runs-on: ubuntu-latest
+    environment: release
+    if: github.repository_owner == 'theforeman'
+
+    permissions:
+      id-token: write
+
+    steps:
+      - uses: voxpupuli/ruby-release@v0