File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 66jobs :
77 build :
88 runs-on : ubuntu-latest
9- outputs :
10- hash : ${{ steps.hash.outputs.hash }}
119 steps :
1210 - uses : actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
1311 - uses : actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
@@ -22,27 +20,11 @@ jobs:
2220 python -m pip install -U pip
2321 pip install tox
2422 tox -e makedist
25- # Generate hashes used for provenance.
26- - name : generate hash
27- id : hash
28- run : cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
2923 - uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
3024 with :
3125 path : ./dist
32- provenance :
33- needs : [build]
34- permissions :
35- actions : read
36- id-token : write
37- contents : write
38- # Can't pin with hash due to how this workflow works.
39- uses : slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
40- with :
41- base64-subjects : ${{ needs.build.outputs.hash }}
4226 create-release :
43- # Upload the sdist, wheels, and provenance to a GitHub release. They remain
44- # available as build artifacts for a while as well.
45- needs : [provenance]
27+ needs : [build]
4628 runs-on : ubuntu-latest
4729 permissions :
4830 contents : write
@@ -51,12 +33,11 @@ jobs:
5133 - name : create release
5234 run : >
5335 gh release create --draft --repo ${{ github.repository }}
54- ${{ github.ref_name }}
55- *.intoto.jsonl/* artifact/*
36+ ${{ github.ref_name }} artifact/*
5637 env :
5738 GH_TOKEN : ${{ github.token }}
5839 publish-pypi :
59- needs : [provenance ]
40+ needs : [build ]
6041 # Wait for approval before attempting to upload to PyPI. This allows reviewing the
6142 # files in the draft release.
6243 environment :
You can’t perform that action at this time.
0 commit comments