From 993a98efcba2a831bb0233b2c233f4130c236496 Mon Sep 17 00:00:00 2001 From: "Syuugo (Inspection)" <112163166+s1204-inspect@users.noreply.github.com> Date: Fri, 7 Jun 2024 14:01:12 +0900 Subject: [PATCH] =?UTF-8?q?Attest=20=E3=82=92=E8=BF=BD=E5=8A=A0=20(#136)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Syuugo --- .github/workflows/build.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b322ac91..8972e144 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,6 +23,8 @@ jobs: runs-on: ubuntu-latest permissions: contents: write + id-token: write + attestations: write steps: - name: Checkout @@ -47,14 +49,14 @@ jobs: - name: Get previous version name uses: oprypin/find-latest-tag@v1.1.2 - if: github.event.inputs.release == 'true' + if: github.event.inputs.release id: previous with: repository: ${{ github.repository }} releases-only: true - name: Release check - if: github.event.inputs.release == 'true' + if: github.event.inputs.release run: | if [ "${{ secrets.STORE_FILE }}" == "" ]; then echo -e "\nERROR!\nTo release, you need to set up a signing key! \n" @@ -85,6 +87,12 @@ jobs: ./gradlew assembleDebug --no-daemon --stacktrace fi + - name: Attest + uses: actions/attest-build-provenance@v1 + if: github.event.inputs.release != 'true' + with: + subject-path: app/build/outputs/apk/debug/app-debug.apk + - name: Upload APK uses: actions/upload-artifact@v4 if: github.event.inputs.release != 'true' @@ -94,7 +102,7 @@ jobs: - name: Release uses: softprops/action-gh-release@v2 - if: github.event.inputs.release == 'true' + if: github.event.inputs.release with: tag_name: ${{ env.version }} draft: false