From 2c6d526e859ab8f75cbe868b6717111b087081c5 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Thu, 2 May 2024 22:19:03 +0200
Subject: [PATCH] Try adding attestation build provenance for NuGet packages

---
 .github/workflows/dotnet-core.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/workflows/dotnet-core.yml b/.github/workflows/dotnet-core.yml
index 96f9c11234..9f5f5af714 100644
--- a/.github/workflows/dotnet-core.yml
+++ b/.github/workflows/dotnet-core.yml
@@ -6,6 +6,11 @@ on:
       - stable
       - next
 
+permissions:
+  id-token: write
+  attestations: write
+  contents: read
+
 jobs:
   build-windows-msvc:
     runs-on: windows-latest
@@ -330,3 +335,8 @@ jobs:
         run: |
           chmod +x .libsodium-builds/linux-${{ matrix.arch }}/Tests
           env LD_LIBRARY_PATH=${{ matrix.libs }} .libsodium-builds/linux-${{ matrix.arch }}/Tests
+
+      - name: Attest Build Provenance
+        uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940
+        with:
+         subject-path: ".libsodium-builds/libsodium-1.0.19.2.nupkg"
\ No newline at end of file