From efb7600aa1b9f9d630d9c95b79d100919965eda1 Mon Sep 17 00:00:00 2001 From: Reaper Gelera Date: Wed, 26 Jun 2024 04:11:35 +0530 Subject: [PATCH] ci: fix attestation perms --- .github/workflows/docker-pub.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-pub.yml b/.github/workflows/docker-pub.yml index 80ab433..6b146bc 100644 --- a/.github/workflows/docker-pub.yml +++ b/.github/workflows/docker-pub.yml @@ -1,6 +1,9 @@ name: Docker Pub -on: workflow_dispatch +on: + - workflow_dispatch + - schedule: + - cron: "0 0 * * *" jobs: build: @@ -10,9 +13,15 @@ jobs: contents: read packages: write attestations: write + id-token: write + steps: - name: Checkout the repository uses: actions/checkout@v4 + + - name: Get current date + id: date + run: echo "::set-output name=date::$(date +'%Y-%m-%d')" - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -27,7 +36,7 @@ jobs: password: ${{ secrets.GH_TOKEN }} - name: Build Meta - run: echo "::set-output name=dtag::ghcr.io/barelyhuman/goblin:nightly" + run: echo "::set-output name=dtag::ghcr.io/barelyhuman/goblin:nightly-${{ steps.date.outputs.date }}" id: meta - name: Build and push @@ -47,6 +56,6 @@ jobs: - name: Generate artifact attestation uses: actions/attest-build-provenance@v1 with: - subject-name: ghcr.io/barelyhuman/goblin:nightly + subject-name: ghcr.io/barelyhuman/goblin:nightly-${{ steps.date.outputs.date }} subject-digest: ${{ steps.push.outputs.digest }} push-to-registry: true
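Review bot: The new `on:` block is written as a list whose second item is a mapping (`- schedule:` with a nested `- cron:`), and the list form of `on` accepts only bare event names. Indentation is collapsed in this view, but if the file reads as shown the workflow will likely fail validation and neither trigger will fire. Writing `on:` as a mapping with both events as keys avoids this. Once the schedule does fire, the job runs unattended on the default branch with `packages: write` and `id-token: write`, so it is worth confirming with one manual dispatch after the change.

```yaml
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * *"
```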
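Review bot: `id-token: write` is added at job level, so every step in `build` can request an OIDC token, including the actions referenced by mutable tags in this hunk (`actions/checkout@v4`, `docker/setup-qemu-action@v3`). The attestation step needs the permission, but alongside `packages: write` it raises the impact of a retagged or compromised action. Pinning the third-party actions to full commit SHAs, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, keeps the signing identity tied to code that was reviewed. The job's step list continues outside this hunk.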
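Review bot: The rewritten `Build Meta` line still uses the `::set-output` workflow command, which GitHub has deprecated in favour of the `GITHUB_OUTPUT` file; the new `Get current date` step in the previous hunk has the same issue. Stdout commands are parsed out of the log stream, so anything a step prints can set an output, which the file-based form avoids. Suggested: `run: echo "date=$(date +'%Y-%m-%d')" >> "$GITHUB_OUTPUT"` for the date step and `run: echo "dtag=ghcr.io/barelyhuman/goblin:nightly-${{ steps.date.outputs.date }}" >> "$GITHUB_OUTPUT"` here.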
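Review bot: `subject-name` now carries the dated tag, but for container images the documentation of `actions/attest-build-provenance` asks for the fully-qualified image name without a tag, because the image is identified by `subject-digest`. With `push-to-registry: true` the name is also used to address the registry, so a tagged value may make the attestation push fail or be recorded under an unexpected name; this cannot be confirmed from the hunk alone. Suggested: `subject-name: ghcr.io/barelyhuman/goblin`.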