Skip to content

Commit

Permalink
Add attestation with sbom
Browse files Browse the repository at this point in the history
Signed-off-by: C0D3 M4513R <[email protected]>
  • Loading branch information
C0D3-M4513R committed Jun 10, 2024
1 parent e54df3d commit d377db6
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions .github/workflows/rust.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@ on:
branches: [main]
permissions:
contents: write
id-token: write
attestations: write
actions: read

jobs:
create-release:
Expand Down Expand Up @@ -101,6 +104,16 @@ jobs:
uses: mozilla-actions/[email protected]
- name: Run build
run: cargo build --target ${{ matrix.target }} --release --package ${{ matrix.package }} --bin ${{ matrix.package }}
- uses: anchore/sbom-action@v0
with:
artifact-name: "${{ matrix.package }}-${{ matrix.name }}-sbom.spdx.json"
output-file: "${{ matrix.package }}-${{ matrix.name }}-sbom.spdx.json"
- uses: actions/attest-sbom@v1
with:
subject-path: |
target/${{ matrix.target }}/release/${{ matrix.package }}*(?<!\.d)(?<!\.pdb)
sbom-path: "${{ matrix.package }}-${{ matrix.name }}-sbom.spdx.json"
push-to-registry: false
- name: Upload build artifact
uses: actions/upload-artifact@v4
with:
Expand Down

0 comments on commit d377db6

Please sign in to comment.