OpenCHAMI · alexlovelltroy · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024
diff --git a/.github/workflows/hydrun.yaml b/.github/workflows/hydrun.yaml
@@ -1,16 +1,20 @@
 name: hydrun CI
 
+
 on:
   push:
   pull_request:
   schedule:
     - cron: "0 0 * * 0"
+  workflow_dispatch:
 
 jobs:
   build-linux:
     runs-on: ${{ matrix.target.runner }}
     permissions:
+      id-token: write
       contents: read
+      attestations: write
     strategy:
       matrix:
         target:
@@ -51,10 +55,14 @@ jobs:
           path: |
             /tmp/ccache
           key: cache-ccache-${{ matrix.target.id }}
+      - name: Attest output
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-path: ${{ matrix.target.dst }}
+
       - name: Upload output
         uses: actions/upload-artifact@v4
         with:
-          name: ${{ matrix.target.id }}
           path: ${{ matrix.target.dst }}
 
   publish-linux:
@@ -71,16 +79,19 @@ jobs:
         with:
           path: /tmp/out
       - name: Extract branch name
+        shell: bash
+        run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
         id: extract_branch
-        run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
+
       - name: Publish pre-release to GitHub releases
-        if: ${{ github.ref == 'refs/heads/main' }}
+        if: startsWith(github.ref, 'refs/heads/main')
         uses: softprops/action-gh-release@v2
         with:
           tag_name: release-${{ steps.extract_branch.outputs.branch }}
           prerelease: true
           files: |
             /tmp/out/*/*
+
       - name: Publish release to GitHub releases
         if: startsWith(github.ref, 'refs/tags/v')
         uses: softprops/action-gh-release@v2