From c038aef8efd14c74a98a2928a9afc22ff49c4d6a Mon Sep 17 00:00:00 2001
From: Fabrice Brito <fabrice.brito@terradue.com>
Date: Fri, 13 Dec 2024 12:06:12 +0100
Subject: [PATCH] CI permissions

---
 .github/workflows/package.yaml | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/package.yaml b/.github/workflows/package.yaml
index 073ca15..6b825e2 100644
--- a/.github/workflows/package.yaml
+++ b/.github/workflows/package.yaml
@@ -5,7 +5,10 @@ on:
     types: [created]
 
 permissions:
+  id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
   contents: read
+  packages: write
+  attestations: write
 
 jobs:
   deploy:
@@ -13,12 +16,7 @@ jobs:
     runs-on: ubuntu-latest
 
     environment: release
-    permissions:
-      id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
-      contents: read
-      packages: write
-      attestations: write
-      
+     
     steps:
     - uses: actions/checkout@v4
     - name: Set up Python
@@ -46,6 +44,7 @@ jobs:
       with:
         skip-existing: true
         repository-url: https://upload.pypi.org/legacy/
+  
   container-build:
     runs-on: ubuntu-latest
     steps: