Python
/
uv
mirror of https://github.com/astral-sh/uv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix Docker attestations (#14133) 

These regressed in #14088 and were found during my test publish from a
fork.
This commit is contained in:
Zanie Blue 2025-06-18 13:46:30 -05:00 committed by GitHub
parent 1fc65a1d9d
commit e1046242e7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/build-docker.yml vendored
View File

@ -73,8 +73,9 @@ jobs:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # for Depot OIDC
packages: write # for GHCR
id-token: write # for Depot OIDC and GHCR signing
packages: write # for GHCR image pushes
attestations: write # for GHCR attestations
environment:
name: release
outputs:
@ -141,7 +142,7 @@ jobs:
if: ${{ needs.docker-plan.outputs.push == 'true' }}
uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3
with:
subject-name: ${{ env.UV_BASE_IMG }}
subject-name: ${{ env.UV_GHCR_IMAGE }}
subject-digest: ${{ steps.build.outputs.digest }}
docker-publish-extra:
@ -154,9 +155,9 @@ jobs:
- docker-publish-base
if: ${{ needs.docker-plan.outputs.push == 'true' }}
permissions:
packages: write
attestations: write # needed to push image attestations to the Github attestation store
id-token: write # needed for signing the images with GitHub OIDC Token
id-token: write # for Depot OIDC and GHCR signing
packages: write # for GHCR image pushes
attestations: write # for GHCR attestations
strategy:
fail-fast: false
matrix: