mirror of
https://github.com/HIllya51/LunaHook.git
synced 2024-12-24 20:24:13 +08:00
Attest build provenance in release workflow (#109)
* Attest build provenance in release workflow Also fix release workflow formatting * Fix workflow permissions * Revert formatting and remove extraneous content permissions
This commit is contained in:
parent
e864f62aef
commit
2a2ed62898
22
.github/workflows/release.yml
vendored
22
.github/workflows/release.yml
vendored
@ -17,6 +17,9 @@ jobs:
|
||||
- target: Release_English_winxp
|
||||
- target: Release_Chinese_winxp
|
||||
- target: Release_Russian_winxp
|
||||
permissions:
|
||||
id-token: write
|
||||
attestations: write
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
@ -36,6 +39,10 @@ jobs:
|
||||
- name: Pack
|
||||
run: python build.py pack
|
||||
|
||||
- name: Generate attestation for artifact
|
||||
uses: actions/attest-build-provenance@v1
|
||||
with:
|
||||
subject-path: builds/${{ matrix.target }}.zip
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
@ -60,6 +67,9 @@ jobs:
|
||||
- cmd: plg64
|
||||
qtarch: win64_msvc2019_64
|
||||
target: plugin64
|
||||
permissions:
|
||||
id-token: write
|
||||
attestations: write
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
@ -82,6 +92,11 @@ jobs:
|
||||
|
||||
- name: Pack
|
||||
run: python build.py pack
|
||||
|
||||
- name: Generate attestation for artifact
|
||||
uses: actions/attest-build-provenance@v1
|
||||
with:
|
||||
subject-path: builds/${{ matrix.target }}.zip
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
@ -102,6 +117,9 @@ jobs:
|
||||
- target: Release_English
|
||||
- target: Release_Chinese
|
||||
- target: Release_Russian
|
||||
permissions:
|
||||
id-token: write
|
||||
attestations: write
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
@ -120,6 +138,10 @@ jobs:
|
||||
- name: Pack
|
||||
run: python build.py pack
|
||||
|
||||
- name: Generate attestation for artifact
|
||||
uses: actions/attest-build-provenance@v1
|
||||
with:
|
||||
subject-path: builds/${{ matrix.target }}.zip
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
|
Loading…
x
Reference in New Issue
Block a user