From 5cccda261a8a29424bc0970c117f23a404bb8989 Mon Sep 17 00:00:00 2001
From: Jared Hatfield
Date: Fri, 27 Sep 2024 21:48:41 -0400
Subject: [PATCH] Adding actions/attest-build-provenance@v1

For the build that is published to maven central, the attestation is performed.
---
 .github/workflows/release.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c58cbaa..92ea558 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -4,6 +4,9 @@ on:
 types: [published]
 jobs:
 publish:
+ permissions:
+ id-token: write
+ attestations: write
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v4
@@ -25,3 +28,6 @@ jobs:
 MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
 MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
 MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
+ - uses: actions/attest-build-provenance@v1
+ with:
+ subject-path: "target/*.jar"
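Review bot: The `permissions:` block added to the `publish` job lists only `id-token: write` and `attestations: write`, and once a job declares permissions every scope it omits drops to `none`, so `actions/checkout@v4` now runs without an explicit `contents: read`. That usually still works on a public repository but fails on a private one, so I would add `contents: read` next to the two new entries. The grant is also job-wide, which means the Maven build and deploy steps can request the OIDC token as well as the attestation step. The rest of the job lies outside the hunk, so whether attestation can move to its own narrowly-scoped job is for the maintainers to judge.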
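Review bot: `actions/attest-build-provenance@v1` is referenced by a mutable tag in a job that holds `id-token: write` and the OSSRH publishing secrets, so a moved tag would run unreviewed code with signing capability. Pin it to a full commit SHA, e.g. `- uses: actions/attest-build-provenance@<full-commit-sha>  # v1` (placeholder; take the SHA from the release you reviewed). The step is also appended after the step whose `env:` carries the Maven credentials, so if that is the deploy step, a failed attestation leaves a published release without provenance. Separately, `subject-path: "target/*.jar"` attests every jar in `target/`, which may not be exactly the set that was uploaded. Consider attesting before publishing and narrowing the glob to the published artifacts; the steps between checkout and this one are outside the hunk, so the ordering is inferred.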