Skip to content

Commit

Permalink
Attest generated code (#864)
Browse files Browse the repository at this point in the history
Attest provenance of generated code.
  • Loading branch information
martincostello authored May 11, 2024
1 parent fe1d071 commit c32f5fa
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
name: ${{ matrix.os }}
runs-on: ${{ matrix.os }}

permissions:
attestations: write
contents: read
id-token: write

strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -66,6 +71,14 @@ jobs:
flags: ${{ matrix.codecov_os }}
token: ${{ secrets.CODECOV_TOKEN }}

- name: Attest dist
uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1
if: |
runner.os == 'Linux' &&
github.ref_name == github.event.repository.default_branch
with:
subject-path: ./dist/**/*.js

lint:
runs-on: ubuntu-latest

Expand Down

0 comments on commit c32f5fa

Please sign in to comment.