From 69a1b13a188418b13fc65dac28d33234acdaa1d7 Mon Sep 17 00:00:00 2001
From: John Kleinschmidt <kleinschmidtorama@gmail.com>
Date: Tue, 10 Feb 2026 16:33:12 -0500
Subject: [PATCH] set id-token for attestation

---
 .github/workflows/pipeline-electron-build-and-test-and-nan.yml   | 1 +
 .github/workflows/pipeline-electron-build-and-test.yml           | 1 +
 .../pipeline-electron-build-and-tidy-and-test-and-nan.yml        | 1 +
 .github/workflows/pipeline-electron-build-and-tidy-and-test.yml  | 1 +
 .github/workflows/pipeline-segment-electron-build.yml            | 1 +
 5 files changed, 5 insertions(+)

diff --git a/.github/workflows/pipeline-electron-build-and-test-and-nan.yml b/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
index 8ba78ac23f..182d6f8e87 100644
--- a/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
+++ b/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
@@ -66,6 +66,7 @@ jobs:
     uses: ./.github/workflows/pipeline-segment-electron-build.yml
     permissions:
       contents: read
+      id-token: write
     with:
       build-runs-on: ${{ inputs.build-runs-on }}
       build-container: ${{ inputs.build-container }}
diff --git a/.github/workflows/pipeline-electron-build-and-test.yml b/.github/workflows/pipeline-electron-build-and-test.yml
index 258bd969d7..735e314633 100644
--- a/.github/workflows/pipeline-electron-build-and-test.yml
+++ b/.github/workflows/pipeline-electron-build-and-test.yml
@@ -71,6 +71,7 @@ jobs:
     uses: ./.github/workflows/pipeline-segment-electron-build.yml
     permissions:
       contents: read
+      id-token: write
     with:
       build-runs-on: ${{ inputs.build-runs-on }}
       build-container: ${{ inputs.build-container }}
diff --git a/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml b/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
index 2cbe33ec7b..93b3233fe2 100644
--- a/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
+++ b/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
@@ -75,6 +75,7 @@ jobs:
     uses: ./.github/workflows/pipeline-segment-electron-build.yml
     permissions:
       contents: read
+      id-token: write
     with:
       build-runs-on: ${{ inputs.build-runs-on }}
       build-container: ${{ inputs.build-container }}
diff --git a/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml b/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
index 103aafaa04..38433308c3 100644
--- a/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
+++ b/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
@@ -80,6 +80,7 @@ jobs:
     uses: ./.github/workflows/pipeline-segment-electron-build.yml
     permissions:
       contents: read
+      id-token: write
     with:
       build-runs-on: ${{ inputs.build-runs-on }}
       build-container: ${{ inputs.build-container }}
diff --git a/.github/workflows/pipeline-segment-electron-build.yml b/.github/workflows/pipeline-segment-electron-build.yml
index a70ac7e9d5..a65621dca4 100644
--- a/.github/workflows/pipeline-segment-electron-build.yml
+++ b/.github/workflows/pipeline-segment-electron-build.yml
@@ -90,6 +90,7 @@ jobs:
     runs-on: ${{ inputs.build-runs-on }}
     permissions:
       contents: read
+      id-token: write
     container: ${{ fromJSON(inputs.build-container) }}
     environment: ${{ inputs.environment }}
     env: