GitHub Artifact Attestations

GitHub's Artifact Attestations feature - currently in public beta - allows for the creation of a tamper-proof, unforgeable paper trail linking build artifacts to the process which created them. Artifact Attestations is powered by Sigstore, an open source project for signing and verifying software artifacts.

Artifact Attestations is disabled by default in dist, and can be enabled by setting github-attestations = true.

Note that GitHub's Artifact Attestations only supports public repositories and private repositories of an organization with the GitHub Enterprise plan. In the case of public repositories, attestations generated by GitHub Actions will be written to the Sigstore Public Good Instance and end up on Rekor, Sigstore's immutable ledger, for public verification.

Currently, verification of GitHub Artifact Attestations is only supported via GitHub CLI with gh attestation verify.

Additionally, you can control in which phase attestations occur using the github-attestations-phase setting.

By default, attestations occur during the build-local-artifacts phase. This can alternatively be changed to the host phase, which is particularly useful when build-local-artifacts is set to false.

When performing attestations in the host phase, you can control what gets attested by using the github-attestations-filters setting.

This setting yields the following attestation step by default:

```yaml
- name: Attest
  uses: actions/attest-build-provenance@v2
  with:
    subject-path: |
      artifacts/*
```

When set to a different set of values such as github-attestations-filters = ["*.json", "*.sh", "*.ps1", "*.zip", "*.tar.gz"] it yields:

```yaml
- name: Attest
  uses: actions/attest-build-provenance@v2
  with:
    subject-path: |
      artifacts/*.json
      artifacts/*.sh
      artifacts/*.ps1
      artifacts/*.zip
      artifacts/*.tar.gz
```
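As an added example (not dist's own code), the following Python renders the Attest step for a given github-attestations-filters value, so you can preview what a workflow will attest before enabling it; it also rejects patterns that would escape the artifact directory. The function names, the artifacts/ staging directory and the validation rules are assumptions, not dist's behaviour.

```python
# Added example: preview the attestation step dist emits for a filters setting.
# Names, the "artifacts" staging directory and the validation rules are assumptions.
from __future__ import annotations

ARTIFACT_DIR = "artifacts"  # assumed staging directory used by the generated workflow


def subject_paths(filters: list[str] | None) -> list[str]:
    """Map the github-attestations-filters value to subject-path glob lines.

    None (setting absent) means "attest everything in the artifact directory",
    matching the default step. An empty list is rejected because it would
    attest nothing, which is almost certainly a misconfiguration.
    """
    if filters is None:
        return [f"{ARTIFACT_DIR}/*"]
    if not filters:
        raise ValueError("github-attestations-filters must not be empty")
    for pat in filters:
        # Keep every glob scoped to the artifact directory: an absolute path or
        # a ".." segment would attest files the build never produced.
        if pat.startswith("/") or ".." in pat.split("/"):
            raise ValueError(f"filter must stay inside {ARTIFACT_DIR}/: {pat!r}")
    return [f"{ARTIFACT_DIR}/{pat}" for pat in filters]


def attest_step(filters: list[str] | None = None) -> str:
    """Render the Attest step as the YAML text dist would place in the workflow."""
    lines = [
        "- name: Attest",
        "  uses: actions/attest-build-provenance@v2",
        "  with:",
        "    subject-path: |",
    ]
    lines += [f"      {path}" for path in subject_paths(filters)]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(attest_step())  # default: attests artifacts/*
    print(attest_step(["*.json", "*.sh", "*.ps1", "*.zip", "*.tar.gz"]))
```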