From f7e0d70fd70acc866f4ecfda785819b3ae2779bb Mon Sep 17 00:00:00 2001
From: Anton Medvedev <anton@medv.io>
Date: Sat, 12 Oct 2024 21:19:52 +0200
Subject: [PATCH] Update docker.yml

---
 .github/workflows/docker.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 8ce9f2ee6..7b7b4d46d 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -9,6 +9,10 @@ on:
         description: 'Version'
         required: true
 
+permissions:
+  id-token: write
+  attestations: write
+
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
@@ -42,3 +46,10 @@ jobs:
           context: .
           push: true
           tags: deployphp/deployer:${{ env.RELEASE_VERSION }}
+
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: deployphp/deployer
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true