Skip to content

ci: extend artifact attestations to all release binaries#1398

Merged
TaylorMutch merged 1 commit into
NVIDIA:mainfrom
mesutoezdil:ci/1364-artifact-attestations
May 18, 2026
Merged

ci: extend artifact attestations to all release binaries#1398
TaylorMutch merged 1 commit into
NVIDIA:mainfrom
mesutoezdil:ci/1364-artifact-attestations

Conversation

@mesutoezdil
Copy link
Copy Markdown
Contributor

@mesutoezdil mesutoezdil commented May 15, 2026

Summary

  • The VM driver artifacts were already attested in the release workflow.
  • This extends the attest step to cover CLI, gateway, supervisor, deb, rpm, and wheel artifacts using glob patterns instead of explicit file lists.
  • All release binaries can now be verified with gh attestation verify.

Related Issue

Closes #1364

Changes

Replaced the VM-only actions/attest@v4 step with a single step that covers all release artifact types via globs. No new permissions needed as id-token: write and attestations: write were already set on the job.

Testing

  • Attestation behavior is validated at release time by the workflow itself.
  • The glob patterns match exactly the files produced by the build jobs and downloaded into the release/ directory.

Checklist

  • Follows Conventional Commits format
  • Signed-off-by included
  • No unrelated changes

@mesutoezdil
ci: extend artifact attestations to all release binaries
1a35709 
The VM driver artifacts were already attested. Expand the attest step
to cover CLI, gateway, supervisor, deb, rpm, and wheel artifacts so all
release binaries can be verified with gh attestation verify.

Signed-off-by: mesutoezdil <mesudozdil@gmail.com>
@copy-pr-bot
Copy link
Copy Markdown

copy-pr-bot Bot commented May 15, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@mesutoezdil mesutoezdil mentioned this pull request May 15, 2026
Closed
@TaylorMutch TaylorMutch merged commit 702bb56 into NVIDIA:main May 18, 2026
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@drew drew drew approved these changes

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@maxamillion maxamillion Awaiting requested review from maxamillion maxamillion is a code owner

@derekwaynecarr derekwaynecarr Awaiting requested review from derekwaynecarr derekwaynecarr is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add GitHub artifact attestations for release binaries

3 participants

@mesutoezdil @drew @TaylorMutch