From 2f698e4c9747eb035a951186966cfda7aec7359c Mon Sep 17 00:00:00 2001 From: grandizzy <38490174+grandizzy@users.noreply.github.com> Date: Fri, 13 Dec 2024 08:15:05 +0200 Subject: [PATCH] fix(release): allow contents write permission, run attestation after release created (#9550) fix(release): allow contents write permission, run attestation after release published --- .github/workflows/release.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d6b2018d1d84..3e2dac1e8001 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -69,7 +69,7 @@ jobs: release: permissions: id-token: write - contents: read + contents: write attestations: write name: ${{ matrix.target }} (${{ matrix.runner }}) runs-on: ${{ matrix.runner }} @@ -163,15 +163,6 @@ jobs: echo "${name}_bin_path=${bin}" >> $GITHUB_ENV done - - name: Binaries attestation - uses: actions/attest-build-provenance@v2 - with: - subject-path: | - ${{ env.anvil_bin_path }} - ${{ env.cast_bin_path }} - ${{ env.chisel_bin_path }} - ${{ env.forge_bin_path }} - - name: Archive binaries id: artifacts env: @@ -228,6 +219,15 @@ jobs: ${{ steps.artifacts.outputs.file_name }} ${{ steps.man.outputs.foundry_man }} + - name: Binaries attestation + uses: actions/attest-build-provenance@v2 + with: + subject-path: | + ${{ env.anvil_bin_path }} + ${{ env.cast_bin_path }} + ${{ env.chisel_bin_path }} + ${{ env.forge_bin_path }} + # If this is a nightly release, it also updates the release # tagged `nightly` for compatibility with `foundryup` - name: Update nightly release