From 0678a07f71269c8ae0d640ae4d9904260854190c Mon Sep 17 00:00:00 2001
From: Irfan Alibay <IAlibay@users.noreply.github.com>
Date: Sun, 29 Oct 2023 13:34:09 +0000
Subject: [PATCH 1/4] Update deploy.yaml for OIDC

---
 .github/workflows/deploy.yaml | 37 +++++++++++++++++++++++++----------
 1 file changed, 27 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 1261d58..f0d1264 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -9,29 +9,46 @@ on:
       - published
 
 jobs:
-  pypi_push:
-    environment: deploy
-    if: "github.repository == 'MDAnalysis/waterdynamics'"
-    name: Build, upload and test pure Python wheels
+  testpypi_push:
+    environment:
+      name: deploy
+      url: https://test.pypi.org/p/waterdynamics
+    permissions:
+      id-token: write
+    if: |
+      github.repository == 'MDAnalysis/waterdynamics' &&
+      (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+    name: Build, upload and test pure Python wheels to TestPyPi
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: testpypi_deploy
         uses: MDAnalysis/pypi-deployment@main
-        if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
         with:
-          token: ${{ secrets.TEST_PYPI_API_TOKEN }}
           test_submission: true
           tests: true
           test_deps: 'pytest MDAnalysisTests'
           package_name: 'waterdynamics'
 
+  pypi_push:
+    environment:
+      name: deploy
+      url: https://pypi.org/p/waterdynamics
+    permissions:
+      id-token: write
+    if: |
+      github.repository == 'MDAnalysis/waterdynamics' &&
+      (github.event_name == 'release' && github.event.action == 'published')
+    name: Build, upload and test pure Python wheels to PyPi
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
       - name: pypi_deploy
         uses: MDAnalysis/pypi-deployment@main
-        if: github.event_name == 'release' && github.event.action == 'published'
         with:
-          token: ${{ secrets.PYPI_API_TOKEN }}
           package_name: 'waterdynamics'
-          tests: false
+          test_deps: 'pytest MDAnalysisTests'

From f0b15dbc2568a557c1b47fd0bcd6ddb6634d811f Mon Sep 17 00:00:00 2001
From: Irfan Alibay <IAlibay@users.noreply.github.com>
Date: Tue, 31 Oct 2023 06:52:37 +0000
Subject: [PATCH 2/4] Update gh-ci.yaml

---
 .github/workflows/gh-ci.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/gh-ci.yaml b/.github/workflows/gh-ci.yaml
index 55980ad..857acab 100644
--- a/.github/workflows/gh-ci.yaml
+++ b/.github/workflows/gh-ci.yaml
@@ -35,6 +35,8 @@ jobs:
 
       - id: get-compatible-python
         uses: MDAnalysis/mdanalysis-compatible-python@main
+        with:
+          release: "latest"
 
   main-tests:
     if: "github.repository == 'MDAnalysis/waterdynamics'"
@@ -48,7 +50,7 @@ jobs:
           mdanalysis-version: ["latest", "develop"]
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Build information
       run: |
@@ -118,7 +120,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Set up Python
       uses: actions/setup-python@v4
@@ -144,7 +146,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Set up Python ${{ needs.environment-config.outputs.stable-python-version }}
       uses: actions/setup-python@v4

From 53e6ac50ad48c619b5970f03a6afa486d19b2497 Mon Sep 17 00:00:00 2001
From: Irfan Alibay <IAlibay@users.noreply.github.com>
Date: Fri, 3 Nov 2023 11:39:03 +0000
Subject: [PATCH 3/4] Update deploy.yaml

---
 .github/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index f0d1264..f9987e8 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -17,7 +17,7 @@ jobs:
       id-token: write
     if: |
       github.repository == 'MDAnalysis/waterdynamics' &&
-      (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+      (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/'))
     name: Build, upload and test pure Python wheels to TestPyPi
     runs-on: ubuntu-latest
 

From bd624c93fa0bf9b67988a13b5e935388f7c988b8 Mon Sep 17 00:00:00 2001
From: Irfan Alibay <IAlibay@users.noreply.github.com>
Date: Fri, 3 Nov 2023 20:10:20 +0000
Subject: [PATCH 4/4] Update deploy.yaml

---
 .github/workflows/deploy.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index f9987e8..f1a1f95 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -50,5 +50,6 @@ jobs:
       - name: pypi_deploy
         uses: MDAnalysis/pypi-deployment@main
         with:
-          package_name: 'waterdynamics'
+          tests: true
           test_deps: 'pytest MDAnalysisTests'
+          package_name: 'waterdynamics'