From f96a074fd9c4c721e70a7310007c5817ba918bd6 Mon Sep 17 00:00:00 2001
From: Siddhesh Mhadnak <siddheshmhadnak@gofynd.com>
Date: Sat, 3 Aug 2024 19:26:04 +0530
Subject: [PATCH] ci(docker-build-push): permit writing attestations

https://github.com/darbiadev/.github/pull/137
Signed-off-by: Siddhesh Mhadnak <siddheshmhadnak@gofynd.com>
---
 .github/workflows/image-build-push.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/image-build-push.yaml b/.github/workflows/image-build-push.yaml
index 1c3b300..76ef3cd 100644
--- a/.github/workflows/image-build-push.yaml
+++ b/.github/workflows/image-build-push.yaml
@@ -15,6 +15,9 @@ permissions:
   # This is used to complete the identity challenge with sigstore/fulcio.
   id-token: write
 
+  # This is used to attest build provenance
+  attestations: write
+
 jobs:
   build-push:
     uses: darbiadev/.github/.github/workflows/docker-build-push.yaml@12e07d61ed37c908baa73f8d5550281b3ed9cddd # v13.1.2