Skip to content

Commit 7372380

Browse files
GrantBirkiGrantBirki
authored
Merge pull request #253 from github/attest-build-provenance
Attest Build Provenance
2 parents 2aa67be + a9f5558 commit 7372380

File tree

1 file changed

+7
-1
lines changed

1 file changed

+7
-1
lines changed

.github/workflows/release.yml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@ on:
1111
permissions:
1212
contents: write
1313
packages: write
14+
id-token: write
15+
attestations: write
1416

1517
jobs:
1618
release:
@@ -37,13 +39,17 @@ jobs:
3739
- name: build
3840
run: echo "GEM_VERSION=$(gem build ${{ env.GEM_NAME }}.gemspec 2>&1 | grep Version | cut -d':' -f 2 | tr -d " \t\n\r")" >> $GITHUB_ENV
3941

42+
- uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # pin@v2
43+
with:
44+
subject-path: "${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem"
45+
4046
- name: publish to GitHub packages
4147
run: |
4248
export OWNER=$( echo ${{ github.repository }} | cut -d "/" -f 1 )
4349
GEM_HOST_API_KEY=${{ secrets.GITHUB_TOKEN }} gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} ${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem
4450
4551
- name: release
46-
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # pin@v1.14.0
52+
uses: ncipollo/release-action@cdcc88a9acf3ca41c16c37bb7d21b9ad48560d87 # pin@v1.15.0
4753
with:
4854
artifacts: "${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem"
4955
tag: "v${{ env.GEM_VERSION }}"

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy