diff --git a/.github/workflows/wheel.yml b/.github/workflows/wheel.yml index 24c86674..db97adcf 100644 --- a/.github/workflows/wheel.yml +++ b/.github/workflows/wheel.yml @@ -27,6 +27,7 @@ jobs: environment: pypi permissions: id-token: write + attestations: write steps: - uses: actions/download-artifact@v4 @@ -34,4 +35,11 @@ jobs: name: Packages path: dist + - name: Generate artifact attestation for sdist and wheel + uses: actions/attest-build-provenance@v1 + with: + subject-path: "dist/*" + - uses: pypa/gh-action-pypi-publish@release/v1 + with: + attestations: true