From 6a782e169f4bae1316d317fada835e1a62932aa7 Mon Sep 17 00:00:00 2001
From: Hynek Schlawack <hs@ox.cx>
Date: Mon, 13 May 2024 08:26:52 +0200
Subject: [PATCH] Try out attestation in CI

---
 .github/workflows/ci.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 72a8c6e..fccc51a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,6 +12,10 @@ env:
   SETUPTOOLS_SCM_PRETEND_VERSION: "1.0" # avoid warnings about shallow checkout
   UV_SYSTEM_PYTHON: "true"  # ensure action can deal with this set
 
+permissions:
+  id-token: write
+  attestations: write
+
 jobs:
   check-argon2-cffi-bindings:
     name: Build & verify the argon2-cffi-bindings package.
@@ -53,6 +57,7 @@ jobs:
         with:
           path: structlog
           upload-name-suffix: "-structlog"
+          attest-build-provenance-github: "true"
 
       - run: echo Packages can be found at ${{ steps.baipp.outputs.dist }}