ci: attest results of guix builds

This commit is contained in:
pasta 2024-10-22 09:57:23 -05:00
parent dd331827c8
commit cd712e86b7
No known key found for this signature in database
GPG Key ID: E2F3D7916E722D38

View File

@ -2,6 +2,8 @@ name: Guix Build
permissions: permissions:
packages: write packages: write
id-token: write
attestations: write
on: on:
pull_request_target: pull_request_target:
@ -127,3 +129,7 @@ jobs:
path: | path: |
${{ github.workspace }}/dash/guix-build*/output/${{ matrix.build_target }}/ ${{ github.workspace }}/dash/guix-build*/output/${{ matrix.build_target }}/
- name: Attest build provenance
uses: actions/attest-build-provenance@v1
with:
subject-path: ${{ github.workspace }}/dash/guix-build*/output/${{ matrix.build_target }}/*