admin/topgrade
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generate artifact attestations for release assets (#1216)

Browse Source
This commit is contained in:
Ville Skyttä
2025-07-14 08:05:03 +00:00
committed by GitHub
parent 1114556661
commit 689db93c99
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
.github/workflows/create_release_assets.yml vendored
View File

@@ -22,6 +22,13 @@ on:
jobs: jobs:
# Publish release files for CD native environments # Publish release files for CD native environments
native_build: native_build:
permissions:
# Use to sign the release artifacts
id-token: write
# Used to upload release artifacts
contents: write
# Used to generate artifact attestations
attestations: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -119,8 +126,20 @@ jobs:
tag_name: ${{ steps.determine_tag_name.outputs.tag_name }} tag_name: ${{ steps.determine_tag_name.outputs.tag_name }}
files: assets/* files: assets/*
- name: Generate artifact attestations
uses: actions/attest-build-provenance@v2
with:
subject-path: assets/*
# Publish release files for non-CD-native environments # Publish release files for non-CD-native environments
cross_build: cross_build:
permissions:
# Use to sign the release artifacts
id-token: write
# Used to upload release artifacts
contents: write
# Used to generate artifact attestations
attestations: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -223,3 +242,8 @@ jobs:
with: with:
tag_name: ${{ steps.determine_tag_name.outputs.tag_name }} tag_name: ${{ steps.determine_tag_name.outputs.tag_name }}
files: assets/* files: assets/*
- name: Generate artifact attestations
uses: actions/attest-build-provenance@v2
with:
subject-path: assets/*