AspireExplorer/.github/workflows/releases.yml
dependabot[bot] 90e2751d06
Bump softprops/action-gh-release from 2.4.1 to 2.5.0
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](6da8fa9354...a06a81a03e)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 2.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-02 02:59:48 +00:00

46 lines
1.3 KiB
YAML

on:
push:
tags:
- "**"
name: Upload Release Asset
permissions:
contents: read
jobs:
build:
name: Upload Release Asset
runs-on: ubuntu-latest
permissions:
attestations: write
id-token: write
contents: write
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Get tag
id: tag
run: echo "tag=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
- name: Build project
run: git archive -o /tmp/${{ github.event.repository.name }}.zip --prefix=${{ github.event.repository.name }}/ ${{ steps.tag.outputs.tag }}
- name: Create Release
id: create_release
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
files: /tmp/${{ github.event.repository.name }}.zip
- name: Build provenance attestation
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
with:
subject-path: /tmp/${{ github.event.repository.name }}.zip