mirror of
https://github.com/dtolnay/install.git
synced 2025-01-31 07:01:20 +01:00
Merge pull request #21 from dtolnay/attestation
Perform artifact attestation
This commit is contained in:
commit
8dc199752a
25 changed files with 53 additions and 0 deletions
2
.github/workflows/bindgen.yml
vendored
2
.github/workflows/bindgen.yml
vendored
|
@ -13,5 +13,7 @@ jobs:
|
||||||
crate: bindgen-cli
|
crate: bindgen-cli
|
||||||
bin: bindgen
|
bin: bindgen
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/buckle.yml
vendored
2
.github/workflows/buckle.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: buckle
|
crate: buckle
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
5
.github/workflows/build.yml
vendored
5
.github/workflows/build.yml
vendored
|
@ -38,7 +38,9 @@ jobs:
|
||||||
name: ${{inputs.crate}}
|
name: ${{inputs.crate}}
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
timeout-minutes: 45
|
timeout-minutes: 45
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
@ -63,6 +65,9 @@ jobs:
|
||||||
- run: gpg --output ${{inputs.bin || inputs.crate}}.sig --detach-sig ${{steps.which.outputs.which}}
|
- run: gpg --output ${{inputs.bin || inputs.crate}}.sig --detach-sig ${{steps.which.outputs.which}}
|
||||||
- run: gpg --output signing-key.gpg --dearmor signing-key.asc
|
- run: gpg --output signing-key.gpg --dearmor signing-key.asc
|
||||||
- run: gpg --no-default-keyring --keyring ./signing-key.gpg --verify ${{inputs.bin || inputs.crate}}.sig ${{steps.which.outputs.which}}
|
- run: gpg --no-default-keyring --keyring ./signing-key.gpg --verify ${{inputs.bin || inputs.crate}}.sig ${{steps.which.outputs.which}}
|
||||||
|
- uses: actions/attest-build-provenance@v2
|
||||||
|
with:
|
||||||
|
subject-path: ${{steps.which.outputs.which}}
|
||||||
- run: git tag -d ${{inputs.crate}} || true
|
- run: git tag -d ${{inputs.crate}} || true
|
||||||
- run: git tag ${{inputs.crate}}
|
- run: git tag ${{inputs.crate}}
|
||||||
- run: git push origin tag ${{inputs.crate}} --force
|
- run: git push origin tag ${{inputs.crate}} --force
|
||||||
|
|
2
.github/workflows/cargo-afl.yml
vendored
2
.github/workflows/cargo-afl.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-afl
|
crate: cargo-afl
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-bloat.yml
vendored
2
.github/workflows/cargo-bloat.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-bloat
|
crate: cargo-bloat
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-docs-rs.yml
vendored
2
.github/workflows/cargo-docs-rs.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-docs-rs
|
crate: cargo-docs-rs
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-expand.yml
vendored
2
.github/workflows/cargo-expand.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-expand
|
crate: cargo-expand
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-fuzz.yml
vendored
2
.github/workflows/cargo-fuzz.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-fuzz
|
crate: cargo-fuzz
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-llvm-lines.yml
vendored
2
.github/workflows/cargo-llvm-lines.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-llvm-lines
|
crate: cargo-llvm-lines
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-outdated.yml
vendored
2
.github/workflows/cargo-outdated.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-outdated
|
crate: cargo-outdated
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-tally.yml
vendored
2
.github/workflows/cargo-tally.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-tally
|
crate: cargo-tally
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-unlock.yml
vendored
2
.github/workflows/cargo-unlock.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-unlock
|
crate: cargo-unlock
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cargo-web.yml
vendored
2
.github/workflows/cargo-web.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cargo-web
|
crate: cargo-web
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cbindgen.yml
vendored
2
.github/workflows/cbindgen.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: cbindgen
|
crate: cbindgen
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/cxxbridge-cmd.yml
vendored
2
.github/workflows/cxxbridge-cmd.yml
vendored
|
@ -13,5 +13,7 @@ jobs:
|
||||||
crate: cxxbridge-cmd
|
crate: cxxbridge-cmd
|
||||||
bin: cxxbridge
|
bin: cxxbridge
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/dircnt.yml
vendored
2
.github/workflows/dircnt.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: dircnt
|
crate: dircnt
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/dotslash.yml
vendored
2
.github/workflows/dotslash.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: dotslash
|
crate: dotslash
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/faketty.yml
vendored
2
.github/workflows/faketty.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: faketty
|
crate: faketty
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/honggfuzz.yml
vendored
2
.github/workflows/honggfuzz.yml
vendored
|
@ -13,5 +13,7 @@ jobs:
|
||||||
crate: honggfuzz
|
crate: honggfuzz
|
||||||
bin: cargo-hfuzz
|
bin: cargo-hfuzz
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/mdbook.yml
vendored
2
.github/workflows/mdbook.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: mdbook
|
crate: mdbook
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/reindeer.yml
vendored
2
.github/workflows/reindeer.yml
vendored
|
@ -13,5 +13,7 @@ jobs:
|
||||||
crate: reindeer
|
crate: reindeer
|
||||||
git: facebookincubator/reindeer
|
git: facebookincubator/reindeer
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
|
@ -14,5 +14,7 @@ jobs:
|
||||||
git: dtolnay-contrib/rustup-toolchain-install-master
|
git: dtolnay-contrib/rustup-toolchain-install-master
|
||||||
ref: nodefault
|
ref: nodefault
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/sha1dir.yml
vendored
2
.github/workflows/sha1dir.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: sha1dir
|
crate: sha1dir
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/star-history.yml
vendored
2
.github/workflows/star-history.yml
vendored
|
@ -12,5 +12,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
crate: star-history
|
crate: star-history
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
2
.github/workflows/taplo-cli.yml
vendored
2
.github/workflows/taplo-cli.yml
vendored
|
@ -14,5 +14,7 @@ jobs:
|
||||||
bin: taplo
|
bin: taplo
|
||||||
locked: true
|
locked: true
|
||||||
permissions:
|
permissions:
|
||||||
|
id-token: write
|
||||||
contents: write
|
contents: write
|
||||||
|
attestations: write
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
Loading…
Add table
Reference in a new issue