mirrors/uv
1
0
Fork 0
mirror of https://github.com/astral-sh/uv.git synced 2025-11-19 03:28:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix github attestations of releases (#16530)

Browse source
This commit is contained in:
Aria Desires 2025-10-30 22:31:19 -04:00 committed by GitHub
parent 0adb444806
commit d71ae61c0b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 7 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

10
.github/workflows/release.yml vendored
View file

@ -68,7 +68,7 @@ jobs:
# we specify bash to get pipefail; it guards against the `curl` command # we specify bash to get pipefail; it guards against the `curl` command
# failing. otherwise `sh` won't catch that `curl` returned non-0 # failing. otherwise `sh` won't catch that `curl` returned non-0
shell: bash shell: bash
run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.30.1/cargo-dist-installer.sh | sh" run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.30.2/cargo-dist-installer.sh | sh"
- name: Cache dist - name: Cache dist
uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47 uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
with: with:
@ -175,10 +175,6 @@ jobs:
runs-on: "depot-ubuntu-latest-4" runs-on: "depot-ubuntu-latest-4"
outputs: outputs:
val: ${{ steps.host.outputs.manifest }} val: ${{ steps.host.outputs.manifest }}
permissions:
"attestations": "write"
"contents": "write"
"id-token": "write"
steps: steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with: with:
@ -237,6 +233,10 @@ jobs:
# "host" however must run to completion, no skipping allowed! # "host" however must run to completion, no skipping allowed!
if: ${{ always() && needs.host.result == 'success' && (needs.custom-publish-pypi.result == 'skipped' || needs.custom-publish-pypi.result == 'success') }} if: ${{ always() && needs.host.result == 'success' && (needs.custom-publish-pypi.result == 'skipped' || needs.custom-publish-pypi.result == 'success') }}
runs-on: "depot-ubuntu-latest-4" runs-on: "depot-ubuntu-latest-4"
permissions:
"attestations": "write"
"contents": "write"
"id-token": "write"
env: env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps: steps:

4
dist-workspace.toml
View file

@ -4,7 +4,7 @@ members = ["cargo:."]
# Config for 'dist' # Config for 'dist'
[dist] [dist]
# The preferred dist version to use in CI (Cargo.toml SemVer syntax) # The preferred dist version to use in CI (Cargo.toml SemVer syntax)
cargo-dist-version = "0.30.1" cargo-dist-version = "0.30.2"
# Whether to consider the binaries in a package for distribution (defaults true) # Whether to consider the binaries in a package for distribution (defaults true)
dist = false dist = false
# CI backends to support # CI backends to support
@ -49,7 +49,7 @@ github-release = "announce"
# Whether to enable GitHub Attestations # Whether to enable GitHub Attestations
github-attestations = true github-attestations = true
# When to generate GitHub Attestations # When to generate GitHub Attestations
github-attestations-phase = "host" github-attestations-phase = "announce"
# Patterns to attest when creating attestations for release artifacts # Patterns to attest when creating attestations for release artifacts
github-attestations-filters = ["*.json", "*.sh", "*.ps1", "*.zip", "*.tar.gz"] github-attestations-filters = ["*.json", "*.sh", "*.ps1", "*.zip", "*.tar.gz"]
# Whether CI should include auto-generated code to build local artifacts # Whether CI should include auto-generated code to build local artifacts