added attest-build-provenance in the ci

Author: maxisoft

.github/workflows/publish.yml

@@ -169,6 +169,9 @@ jobs:
     if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') }}
     needs: publish
     runs-on: ubuntu-latest
+    permissions:
+        id-token: write
+        attestations: write
 
     steps:
     - name: Checkout code
@@ -183,6 +186,16 @@ jobs:
         name: windows-latest_${{ env.PLUGIN_NAME }}-generic
         path: out
 
+    - name: Unzip and copy generic artifact
+      run: |
+        mkdir -p attest_provenance
+        unzip out/${{ env.PLUGIN_NAME }}-generic.zip -d attest_provenance
+        cp --archive out/${{ env.PLUGIN_NAME }}-generic.zip attest_provenance
+
+    - uses: actions/attest-build-provenance@v1
+      with:
+          subject-path: 'attest_provenance/*'
+
     - name: Create GitHub release
       id: github_release
       uses: actions/create-release@v1.1.4