build: sign artifacts with sigstorenedbat/sigstore-kit

author: Ned Batchelder <ned@nedbatchelder.com> 2023-05-14 20:31:41 -0400
committer: Ned Batchelder <ned@nedbatchelder.com> 2023-05-14 21:07:24 -0400
commit: 6fef5bb6746ecd7bbc1886aab76bb6be954a95c3 (patch)
tree: 8e18ba489bce806ccf213efb86e0989431bc6c6c
parent: 610a56fb7ef43614be8752c4561c6c0f118db021 (diff)
download: python-coveragepy-git-nedbat/sigstore-kit.tar.gz
1 files changed, 25 insertions, 0 deletions
diff --git a/.github/workflows/kit.yml b/.github/workflows/kit.yml
index 179f7a64..679eeed4 100644
--- a/.github/workflows/kit.yml
+++ b/.github/workflows/kit.yml
@@ -241,3 +241,28 @@ jobs:
         with:
           name: dist
           path: dist/*.whl
+
+  sign:
+    name: "Sign artifacts"
+    needs:
+      - wheels
+      - sdist
+      - pypy
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    steps:
+      - name: "Download artifacts"
+        uses: actions/download-artifact@v3
+        with:
+          name: dist
+
+      - name: "What did we get?"
+        run: |
+          ls -alR
+
+      - name: "Sign"
+        uses: sigstore/gh-action-sigstore-python@v1.2.3
+        with:
+          inputs: coverage-*.*
+          upload-signing-artifacts: true
author	Ned Batchelder <ned@nedbatchelder.com>	2023-05-14 20:31:41 -0400
committer	Ned Batchelder <ned@nedbatchelder.com>	2023-05-14 21:07:24 -0400
commit	6fef5bb6746ecd7bbc1886aab76bb6be954a95c3 (patch)
tree	8e18ba489bce806ccf213efb86e0989431bc6c6c
parent	610a56fb7ef43614be8752c4561c6c0f118db021 (diff)
download	python-coveragepy-git-nedbat/sigstore-kit.tar.gz