diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 19fe1894..29c0ba00 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,9 @@ jobs: permissions: contents: write packages: read + id-token: write + attestations: write + steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b @@ -30,6 +33,16 @@ jobs: npm ci npm run build + - name: generate artifact attestation for action.yml + uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 + with: + subject-path: action.yml + + - name: generate artifact attestation for lib/index.js + uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 + with: + subject-path: lib/index.js + - name: Build and Tag # temporary use own fork until # uses: JasonEtco/build-and-tag-action@v2