ci: release with trusted publisher and attestations (#5196)

* ci: release with trusted publisher and attestations

Signed-off-by: Henry Schreiner <henryschreineriii@gmail.com>

* Update pip.yml

---------

Signed-off-by: Henry Schreiner <henryschreineriii@gmail.com>

.github/workflows/pip.yml

@@ -58,7 +58,7 @@ jobs:
 
     - name: Prepare env
       run: |
-        python -m pip install -r tests/requirements.txt build twine
+        python -m pip install -r tests/requirements.txt build twine!=5.1.0
 
     - name: Python Packaging tests
       run: pytest tests/extra_python_package/
@@ -91,23 +91,27 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event_name == 'release' && github.event.action == 'published'
     needs: [packaging]
+    environment: pypi
+    permissions:
+      id-token: write
+      attestations: write
+      contents: read
 
     steps:
-    - uses: actions/setup-python@v5
-      with:
-        python-version: "3.x"
-
     # Downloads all to directories matching the artifact names
     - uses: actions/download-artifact@v4
 
+    - name: Generate artifact attestation for sdist and wheel
+      uses: actions/attest-build-provenance@173725a1209d09b31f9d30a3890cf2757ebbff0d # v1.1.2
+      with:
+        subject-path: "*/pybind11*"
+
     - name: Publish standard package
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
-        password: ${{ secrets.pypi_password }}
         packages-dir: standard/
 
     - name: Publish global package
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
-        password: ${{ secrets.pypi_password_global }}
         packages-dir: global/