ci: fix issue with deployment.

Author: funilrys

.github/workflows/main.yaml

@@ -43,13 +43,18 @@ jobs:
     name: Build and publish docker image to GitHub Packages
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+
     steps:
       - name: Checkout Repository
         uses: actions/checkout@v5
 
       - name: Get project version
-        run:
-          echo "WEB_WORKER_VERSION=$(python setup.py --version)" >> $GITHUB_ENV
+        run: echo "WEB_WORKER_VERSION=$(python setup.py --version)" >> $GITHUB_ENV
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -67,10 +72,11 @@ jobs:
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Push stable image to GitHub Packages
+      - name: Push dev image to GitHub Packages
+        id: push_dev
         uses: docker/build-push-action@v6
         with:
           context: .
@@ -86,7 +92,8 @@ jobs:
             org.opencontainers.image.url=${{ github.event.repository.html_url }}
             org.opencontainers.image.source=https://github.com/${{ steps.repository_name_conversion.outputs.lowercase }}
 
-      - name: Push dev image to GitHub Packages
+      - name: Push stable image to GitHub Packages
+        id: push_stable
         uses: docker/build-push-action@v6
         with:
           context: .
@@ -101,3 +108,19 @@ jobs:
             org.opencontainers.image.description=${{ github.event.repository.description }}
             org.opencontainers.image.url=${{ github.event.repository.html_url }}
             org.opencontainers.image.source=https://github.com/${{ steps.repository_name_conversion.outputs.lowercase }}
+
+      - name: Generate artifact attestation for stable image
+        id: attest_stable
+        uses: actions/attest-build-provenance@v2
+        with:
+          subject-name: ghcr.io/${{ steps.repository_name_conversion.outputs.lowercase }}/web-worker-dev
+          subject-digest: ${{ steps.push_stable.outputs.digest }}
+          push-to-registry: true
+
+      - name: Generate artifact attestation for dev image
+        id: attest_dev
+        uses: actions/attest-build-provenance@v2
+        with:
+          subject-name: ghcr.io/${{ steps.repository_name_conversion.outputs.lowercase }}/web-worker
+          subject-digest: ${{ steps.push_dev.outputs.digest }}
+          push-to-registry: true

setup.py

@@ -190,6 +190,5 @@ def get_long_description():
             "Intended Audience :: Developers",
             "Programming Language :: Python",
             "Programming Language :: Python :: 3",
-            "License :: OSI Approved",
         ],
     )