Security for GitHub Actions

Use security best practices with GitHub Actions, and use GitHub Actions to improve the security of your software supply chain.

Using artifact attestations

Use artifact attestations to establish build provenance for the software you produce and to verify the software you consume.

在工作流程中使用 OpenID Connect 向云提供商进行身份验证。