File tree Expand file tree Collapse file tree 1 file changed +3
-22
lines changed Expand file tree Collapse file tree 1 file changed +3
-22
lines changed Original file line number Diff line number Diff line change 66jobs :
77 build :
88 runs-on : ubuntu-latest
9- outputs :
10- hash : ${{ steps.hash.outputs.hash }}
119 steps :
1210 - uses : actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
1311 - uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
@@ -19,27 +17,11 @@ jobs:
1917 # Use the commit date instead of the current date during the build.
2018 - run : echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
2119 - run : python -m build
22- # Generate hashes used for provenance.
23- - name : generate hash
24- id : hash
25- run : cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
2620 - uses : actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
2721 with :
2822 path : ./dist
29- provenance :
30- needs : [build]
31- permissions :
32- actions : read
33- id-token : write
34- contents : write
35- # Can't pin with hash due to how this workflow works.
36- uses :
slsa-framework/slsa-github-generator/.github/workflows/[email protected] 37- with :
38- base64-subjects : ${{ needs.build.outputs.hash }}
3923 create-release :
40- # Upload the sdist, wheels, and provenance to a GitHub release. They remain
41- # available as build artifacts for a while as well.
42- needs : [provenance]
24+ needs : [build]
4325 runs-on : ubuntu-latest
4426 permissions :
4527 contents : write
@@ -48,12 +30,11 @@ jobs:
4830 - name : create release
4931 run : >
5032 gh release create --draft --repo ${{ github.repository }}
51- ${{ github.ref_name }}
52- *.intoto.jsonl/* artifact/*
33+ ${{ github.ref_name }} artifact/*
5334env :
5435 GH_TOKEN : ${{ github.token }}
5536 publish-pypi :
56- needs : [provenance ]
37+ needs : [build ]
5738 # Wait for approval before attempting to upload to PyPI. This allows reviewing the
5839 # files in the draft release.
5940 environment :
You can’t perform that action at this time.
0 commit comments