From 5e6bc448c8ee0875182622885b6c6c6498825180 Mon Sep 17 00:00:00 2001
From: Michel Oliveira <118028741+micheloliveira-com@users.noreply.github.com>
Date: Fri, 26 Sep 2025 16:42:02 -0300
Subject: [PATCH] feat(actions): add nuget trusted publishing

---
 .github/workflows/packages.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/packages.yml b/.github/workflows/packages.yml
index 56dca574dd..15d89010e9 100644
--- a/.github/workflows/packages.yml
+++ b/.github/workflows/packages.yml
@@ -112,11 +112,19 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     if: ${{ github.event.action == 'published' }}
+    permissions:
+      id-token: write
     steps:
       - name: Download Packages
         uses: actions/download-artifact@v4.1.7
         with:
           name: elsa-nuget-packages
 
+      - name: NuGet login
+        uses: NuGet/login@v1
+        id: nuget-login
+        with:
+          user: ${{ secrets.NUGET_USER }}
+
       - name: Publish to nuget.org
-        run: dotnet nuget push *.nupkg -k ${{ secrets.NUGET_API_KEY }} -s ${{ env.nuget_feed_source }} --skip-duplicate
+        run: dotnet nuget push *.nupkg -k ${{ steps.nuget-login.outputs.NUGET_API_KEY }} -s ${{ env.nuget_feed_source }} --skip-duplicate