Revert publish_pypi.yml as Pypi doesn't support reuseable workflows as trusted publishers

Author: honnibal

.github/workflows/publish_pypi.yml

@@ -10,6 +10,20 @@ on:
 
 jobs:
   upload_pypi:
-    uses: explosion/gha-cibuildwheel/.github/workflows/publish_pypi.yml@main
-    with:
-      pypi-package-name: 'confection'
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/confection
+    permissions:
+      id-token: write
+      contents: read
+    if: github.event_name == 'release' && github.event.action == 'published'
+    # or, alternatively, upload to PyPI on every tag starting with 'v' (remove on: release above to use this)
+    # if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
+    steps:
+      - uses: robinraju/release-downloader@v1
+        with:
+          tag: ${{ github.event.release.tag_name }}
+          fileName: '*'
+          out-file-path: 'dist'
+      - uses: pypa/gh-action-pypi-publish@release/v1