From 4fd73733042e057e5ecd4a5486fded66366de57e Mon Sep 17 00:00:00 2001
From: Max Goedjen <max.goedjen@gmail.com>
Date: Tue, 19 Aug 2025 00:36:35 -0700
Subject: [PATCH] Write.

---
 .github/templates/release.md  | 2 +-
 .github/workflows/release.yml | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/.github/templates/release.md b/.github/templates/release.md
index 071da11..c406f69 100644
--- a/.github/templates/release.md
+++ b/.github/templates/release.md
@@ -13,4 +13,4 @@ Update description
 https://github.com/maxgoedjen/secretive/actions/runs/RUN_ID
 
 ## Attestation
-https://github.com/maxgoedjen/secretive/actions/runs/RUN_ID
+https://github.com/maxgoedjen/secretive/attestations/ATTESTATION_ID
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a400cf2..a4fa8fa 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -29,7 +29,7 @@ jobs:
     runs-on: macos-15
     permissions:
       id-token: write
-      contents: read
+      contents: write
       attestations: write
     timeout-minutes: 10
     steps:
@@ -71,12 +71,16 @@ jobs:
         subject-path: 'Secretive.zip, Xcode_Archive.zip'
     - name: Create Release
       run: |
+            sed -i.tmp "s/RUN_ID/$RUN_ID/g" .github/templates/release.md
+            sed -i.tmp "s/ATTESTATION_ID/$ATTESTATION_ID/g" .github/templates/release.md
             gh release create $TAG_NAME -d -F .github/templates/release.md
             gh release upload Secretive.zip
             gh release upload Xcode_Archive.zip
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         TAG_NAME: ${{ github.ref }}
+        RUN_ID: ${{ github.run_id }}
+        
     - name: Upload App to Artifacts
       uses: actions/upload-artifact@v4
       with: