mirror of
https://github.com/tun2proxy/tun2proxy.git
synced 2025-04-19 21:39:09 +00:00
Build provenance attestation
This commit is contained in:
B. Blechschmidt
parent
a082a6f45b
commit
4554d3bc55
1 changed files with 23 additions and 3 deletions
26
.github/workflows/publish-exe.yml
vendored
26
.github/workflows/publish-exe.yml
vendored
|
|
@ -8,6 +8,12 @@ name: Publish Releases
|
||||||
jobs:
|
jobs:
|
||||||
build_publish:
|
build_publish:
|
||||||
name: Publishing Tasks
|
name: Publishing Tasks
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
id-token: write
|
||||||
|
contents: read
|
||||||
|
attestations: write
|
||||||
|
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
target:
|
target:
|
||||||
|
|
@ -84,10 +90,24 @@ jobs:
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Enable build verification
|
# Support verifiable builds
|
||||||
- name: Verifiable Build
|
- name: Calculate hashes
|
||||||
shell: bash
|
shell: bash
|
||||||
run: sha256sum ./mypubdir4/*
|
run: |
|
||||||
|
echo "--- BEGIN SHA256SUM ---"
|
||||||
|
sha256sum ./mypubdir4/*
|
||||||
|
echo "--- END SHA256SUM ---"
|
||||||
|
|
||||||
|
- name: Upload artifacts
|
||||||
|
uses: actions/upload-artifact@v4
|
||||||
|
with:
|
||||||
|
name: bin
|
||||||
|
path: mypubdir4/*
|
||||||
|
|
||||||
|
- name: Generate artifact attestation
|
||||||
|
uses: actions/attest-build-provenance@v1
|
||||||
|
with:
|
||||||
|
subject-path: mypubdir4/*
|
||||||
|
|
||||||
- name: Publish
|
- name: Publish
|
||||||
uses: softprops/action-gh-release@v1
|
uses: softprops/action-gh-release@v1
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue