summaryrefslogtreecommitdiff
path: root/.github
diff options
context:
space:
mode:
Diffstat (limited to '.github')
-rw-r--r--.github/workflows/release.yml6
1 files changed, 6 insertions, 0 deletions
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index d67f875..8ab9488 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -20,6 +20,12 @@ jobs:
GO_SEMVER: '~1.19.0'
runs-on: ${{ matrix.os }}
+ # https://github.com/sigstore/cosign/issues/1258#issuecomment-1002251233
+ # https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings
+ permissions:
+ id-token: write
+ # https://docs.github.com/en/rest/overview/permissions-required-for-github-apps#permission-on-contents
+ contents: read
steps:
- name: Install Go
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 10:57:40 +0000