mirror of
https://github.com/crazywhalecc/static-php-cli.git
synced 2026-07-02 14:25:41 +08:00
feat: add permissions for id-token and attestations in release build (#1181)
This commit is contained in:
9
.github/workflows/release-build.yml
vendored
9
.github/workflows/release-build.yml
vendored
@@ -38,6 +38,9 @@ jobs:
|
||||
- name: "windows-x64"
|
||||
os: "ubuntu-latest"
|
||||
filename: "spc-windows-x64.exe"
|
||||
permissions:
|
||||
id-token: write
|
||||
attestations: write
|
||||
steps:
|
||||
- name: "Checkout"
|
||||
uses: "actions/checkout@v5"
|
||||
@@ -105,6 +108,12 @@ jobs:
|
||||
fi
|
||||
fi
|
||||
|
||||
- name: "Generate build provenance attestation"
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: actions/attest-build-provenance@v4
|
||||
with:
|
||||
subject-path: "${{ github.workspace }}/${{ matrix.operating-system.name == 'windows-x64' && 'spc.exe' || 'spc' }}"
|
||||
|
||||
- name: "Copy file"
|
||||
run: |
|
||||
if [ "${{ matrix.operating-system.name }}" != "windows-x64" ]; then
|
||||
|
||||
Reference in New Issue
Block a user