Document the requirement for an enterprise plan for private repositories.

[jsoref]

https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-an-attestation points to this action.

But afaict, neither that document nor this action mention that for private repositories the repository needs to be on an enterprise plan. It was mentioned in the announcement but users shouldn't be forced to search through random blogs to find technical/billing details.

[bdehamer]

There's a note in the README on this repo which explains the which plans support Artifact Attestations

It's also described at the top of the documentation for this feature:

https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds

[jsoref]

Hmm.

1. I was expecting the block to be in usage not description
2. the block is way too long

Note

Artifact attestations are available in public repositories for all
current GitHub plans.

To use artifact attestations in private repositories, the repository
must be in an organization with a GitHub Enterprise Cloud plan.

I'm pretty sure that you can't use an internal repository without using an Enterprise plan.

It's unclear from this text if you can use the feature with GitHub Enterprise Server.