File tree 3 files changed +30
-0
lines changed
3 files changed +30
-0
lines changed Original file line number Diff line number Diff line change @@ -169,6 +169,10 @@ jobs:
169
169
- pythonbuild
170
170
- image
171
171
runs-on : depot-ubuntu-22.04
172
+ # Permissions used for actions/attest-build-provenance
173
+ permissions :
174
+ id-token : write
175
+ attestations : write
172
176
strategy :
173
177
matrix : ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
174
178
fail-fast : false
@@ -230,6 +234,12 @@ jobs:
230
234
231
235
build/pythonbuild validate-distribution ${EXTRA_ARGS} dist/*.tar.zst
232
236
237
+ - name : Generate attestations
238
+ uses : actions/attest-build-provenance@v2
239
+ if : ${{ github.ref == 'refs/heads/main' }}
240
+ with :
241
+ subject-path : dist/*
242
+
233
243
- name : Upload Distribution
234
244
if : ${{ ! matrix.dry-run }}
235
245
uses : actions/upload-artifact@v4
Original file line number Diff line number Diff line change 91
91
matrix : ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
92
92
fail-fast : false
93
93
runs-on : depot-macos-latest
94
+ # Permissions used for actions/attest-build-provenance
95
+ permissions :
96
+ id-token : write
97
+ attestations : write
94
98
name : ${{ matrix.target_triple }} / ${{ matrix.python }} / ${{ matrix.build_options }}
95
99
steps :
96
100
- uses : actions/checkout@v4
@@ -122,6 +126,12 @@ jobs:
122
126
123
127
./build-macos.py --target-triple ${{ matrix.target_triple }} --python cpython-${{ matrix.python }} --options ${{ matrix.build_options }}
124
128
129
+ - name : Generate attestations
130
+ uses : actions/attest-build-provenance@v2
131
+ if : ${{ github.ref == 'refs/heads/main' }}
132
+ with :
133
+ subject-path : dist/*
134
+
125
135
- name : Upload Distributions
126
136
if : ${{ ! matrix.dry-run }}
127
137
uses : actions/upload-artifact@v4
Original file line number Diff line number Diff line change 89
89
- generate-matrix
90
90
- pythonbuild
91
91
runs-on : windows-latest-large
92
+ # Permissions used for actions/attest-build-provenance
93
+ permissions :
94
+ id-token : write
95
+ attestations : write
92
96
strategy :
93
97
matrix : ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
94
98
fail-fast : false
@@ -132,6 +136,12 @@ jobs:
132
136
$Dists = Resolve-Path -Path "dist/*.tar.zst" -Relative
133
137
.\pythonbuild.exe validate-distribution --run $Dists
134
138
139
+ - name : Generate attestations
140
+ uses : actions/attest-build-provenance@v2
141
+ if : ${{ github.ref == 'refs/heads/main' }}
142
+ with :
143
+ subject-path : dist/*
144
+
135
145
- name : Upload Distributions
136
146
uses : actions/upload-artifact@v4
137
147
with :
You can’t perform that action at this time.
0 commit comments