Update to use actions/attest (#806)

* Update to use actions/attest

* Update oneoff.yml

* Update release

* Update nightly
Max Goedjen
2026-05-11 13:55:14 -07:00
committed by GitHub
parent 437386b87e
commit fbc4133f39
3 changed files with 9 additions and 6 deletions


@@ -11,6 +11,7 @@ jobs:
id-token: write id-token: write
contents: write contents: write
attestations: write attestations: write
artifact-metadata: write
actions: read actions: read
timeout-minutes: 10 timeout-minutes: 10
steps: steps:
@@ -40,7 +41,7 @@ jobs:
run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact
- name: Upload App to Artifacts - name: Upload App to Artifacts
id: upload id: upload
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v7
with: with:
name: Secretive name: Secretive
path: Artifact path: Artifact
@@ -59,7 +60,7 @@ jobs:
run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip
- name: Attest - name: Attest
id: attest id: attest
uses: actions/attest-build-provenance@v2 uses: uses: actions/attest@v4
with: with:
subject-name: "Secretive.zip" subject-name: "Secretive.zip"
subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }} subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }}
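Review bot: The new side of the Attest step's action reference is rendered here as `uses: uses: actions/attest@v4`, with the key doubled, whereas the other two workflow sections in this commit show `uses: actions/attest@v4`. If the file really contains the doubled key and this is not a rendering artifact, the value has a `: ` inside a plain scalar, which YAML parsers normally reject. The workflow would then fail to load and no attestation would be produced for builds from it. The line should read `uses: actions/attest@v4`.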


@@ -10,6 +10,7 @@ jobs:
id-token: write id-token: write
contents: write contents: write
attestations: write attestations: write
artifact-metadata: write
actions: read actions: read
timeout-minutes: 10 timeout-minutes: 10
steps: steps:
@@ -39,7 +40,7 @@ jobs:
run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact
- name: Upload App to Artifacts - name: Upload App to Artifacts
id: upload id: upload
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v7
with: with:
name: Secretive name: Secretive
path: Artifact path: Artifact
@@ -58,7 +59,7 @@ jobs:
run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip
- name: Attest - name: Attest
id: attest id: attest
uses: actions/attest-build-provenance@v2 uses: actions/attest@v4
with: with:
subject-name: "Secretive.zip" subject-name: "Secretive.zip"
subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }} subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }}
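Review bot: `actions/upload-artifact@v7` and `actions/attest@v4` are referenced by mutable major-version tags in a job that holds `id-token: write`, `contents: write` and `attestations: write`. Whatever those tags resolve to at run time can therefore request OIDC tokens and sign provenance for the build. Pinning each to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: actions/attest@<full-commit-sha> # v4`, ties the attested build to code that was actually reviewed. The same two references are bumped in the other two workflow sections of this commit. The job starts and ends outside these hunks, so other `uses:` lines may need the same treatment.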


@@ -32,6 +32,7 @@ jobs:
id-token: write id-token: write
contents: write contents: write
attestations: write attestations: write
artifact-metadata: write
actions: read actions: read
runs-on: macos-26 runs-on: macos-26
timeout-minutes: 10 timeout-minutes: 10
@@ -63,7 +64,7 @@ jobs:
run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact
- name: Upload App to Artifacts - name: Upload App to Artifacts
id: upload id: upload
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v7
with: with:
name: Secretive.zip name: Secretive.zip
path: Artifact path: Artifact
@@ -82,7 +83,7 @@ jobs:
run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip
- name: Attest - name: Attest
id: attest id: attest
uses: actions/attest-build-provenance@v2 uses: actions/attest@v4
with: with:
subject-path: "Secretive.zip" subject-path: "Secretive.zip"
- name: Create Release - name: Create Release
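Review bot: The added `artifact-metadata: write` line has no comment saying which step needs it. It sits in what appears to be the job-wide permissions block, which starts outside the hunk, so every step in the job receives the scope. A short comment such as `# needed by the Attest step (actions/attest); confirm against the action's documentation` would record the reason. If the action uses this scope only for features this workflow does not enable, the line can be dropped to keep the token minimal. The same line is added in the other two workflow sections.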