From de8711b26b789a3a581323f022df79a537281ea1 Mon Sep 17 00:00:00 2001
From: CSR2017 <suganya@imanisoftware.com>
Date: Mon, 29 Jul 2024 12:50:22 -0500
Subject: [PATCH 1/3] Fix vscode-metaed-ide extension publishing problems

rename
---
 .github/workflows/on-prerelease.yml | 79 ++++++++++-------------------
 1 file changed, 26 insertions(+), 53 deletions(-)

diff --git a/.github/workflows/on-prerelease.yml b/.github/workflows/on-prerelease.yml
index 544182b..525965f 100644
--- a/.github/workflows/on-prerelease.yml
+++ b/.github/workflows/on-prerelease.yml
@@ -107,39 +107,22 @@ jobs:
       actions: read
       contents: write
     steps:
-      - name: Securely retrieve the package from artifacts
-        uses: Ed-Fi-Alliance-OSS/slsa-github-generator/.github/actions/secure-download-artifact@main
-        with:
+     - name: Securely retrieve the package from artifacts
+       uses: Ed-Fi-Alliance-OSS/slsa-github-generator/.github/actions/secure-download-artifact@main
+       with:
           name: vscode-metaed.vsix
           path: vscode-metaed.vsix
           sha256: "${{ needs.package.outputs.hash-code }}"
-
-      - name: Attach to release
-        shell: pwsh
-        run: |
-          $release = "${{ github.ref_name }}"
-          $repo = "${{ github.repository }}"
-          $token = "${{ env.GITHUB_TOKEN }}"
-          $uploadName = "vscode-metaed.vsix"
-
-          $url = "https://api.github.com/repos/$repo/releases/tags/$release"
-
-          $gh_headers = @{
-              "Accept"        = "application/vnd.github+json"
-              "Authorization" = "Bearer $token"
-          }
-
-          $response = Invoke-RestMethod -Uri $url -Headers $gh_headers
-          $releaseId = $response.id
-
-          $url = "https://uploads.github.com/repos/$repo/releases/$releaseId/assets"
-
-          $gh_headers["Content-Type"] = "application/octet"
-          Invoke-RestMethod -Method POST `
-              -Uri "$($url)?name=$($uploadName)" `
-              -Headers $gh_headers `
-              -InFile $uploadName
-
+          
+     - name: Attach to release
+       uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 #v1.0.2
+       env:
+          GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
+       with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./vscode-metaed.vsix
+          asset_name: vscode-metaed.vsix
+          asset_content_type: application/octet
 
   sbom-attach:
     name: Attach SBOM file
@@ -156,31 +139,21 @@ jobs:
           path: ${{ env.MANIFEST_FILE }}
           sha256: "${{ needs.package.outputs.sbom-hash-code }}"
 
-      - name: Attach to release
+      - name: Compress SBOM file
+        id: compress
         shell: pwsh
         run: |
-          $release = "${{ github.ref_name }}"
-          $repo = "${{ github.repository }}"
-          $token = "${{ secrets.GITHUB_TOKEN }}"
           $file = "${{ env.MANIFEST_FILE }}"
           $uploadName = "${{ env.PACKAGE_NAME }}-SBOM.zip"
-
-          $url = "https://api.github.com/repos/$repo/releases/tags/$release"
-
-          $gh_headers = @{
-              "Accept"        = "application/vnd.github+json"
-              "Authorization" = "Bearer $token"
-          }
-
-          $response = Invoke-RestMethod -Uri $url -Headers $gh_headers
-          $releaseId = $response.id
-
-          $url = "https://uploads.github.com/repos/$repo/releases/$releaseId/assets"
-
           Compress-Archive $file -DestinationPath $uploadName
-
-          $gh_headers["Content-Type"] = "application/octet"
-          Invoke-RestMethod -Method POST `
-              -Uri "$($url)?name=$($uploadName)" `
-              -Headers $gh_headers `
-              -InFile $uploadName
\ No newline at end of file
+          "uploadName=$uploadName" >> $env:GITHUB_OUTPUT
+        
+      - name: Attach to release
+        uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 #v1.0.2
+        env:
+          GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: "./${{ steps.compress.outputs.uploadName }}"
+          asset_name: "${{ steps.compress.outputs.uploadName }}"
+          asset_content_type: application/octet
\ No newline at end of file

From 723b2ee11bed4ed1c6b80e9c87f72ff7dc0b6b48 Mon Sep 17 00:00:00 2001
From: CSR2017 <suganya@imanisoftware.com>
Date: Mon, 29 Jul 2024 15:46:18 -0500
Subject: [PATCH 2/3] Use action-gh-release

---
 .github/workflows/on-prerelease.yml | 20 ++++++--------------
 1 file changed, 6 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/on-prerelease.yml b/.github/workflows/on-prerelease.yml
index 525965f..eef77ec 100644
--- a/.github/workflows/on-prerelease.yml
+++ b/.github/workflows/on-prerelease.yml
@@ -115,14 +115,10 @@ jobs:
           sha256: "${{ needs.package.outputs.hash-code }}"
           
      - name: Attach to release
-       uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 #v1.0.2
-       env:
-          GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
+       uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 #v2.0.8
+       if: startsWith(github.ref, 'refs/tags/')
        with:
-          upload_url: ${{ github.event.release.upload_url }}
-          asset_path: ./vscode-metaed.vsix
-          asset_name: vscode-metaed.vsix
-          asset_content_type: application/octet
+          files: vscode-metaed.vsix
 
   sbom-attach:
     name: Attach SBOM file
@@ -149,11 +145,7 @@ jobs:
           "uploadName=$uploadName" >> $env:GITHUB_OUTPUT
         
       - name: Attach to release
-        uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 #v1.0.2
-        env:
-          GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
+        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 #v2.0.8
+        if: startsWith(github.ref, 'refs/tags/')
         with:
-          upload_url: ${{ github.event.release.upload_url }}
-          asset_path: "./${{ steps.compress.outputs.uploadName }}"
-          asset_name: "${{ steps.compress.outputs.uploadName }}"
-          asset_content_type: application/octet
\ No newline at end of file
+          files: "${{ steps.compress.outputs.uploadName }}"
\ No newline at end of file

From 5a45a07c9b06feafb6d76b7e6e06443cffea8e22 Mon Sep 17 00:00:00 2001
From: CSR2017 <suganya@imanisoftware.com>
Date: Mon, 29 Jul 2024 16:51:34 -0500
Subject: [PATCH 3/3] Add token explicitly

---
 .github/workflows/on-prerelease.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/on-prerelease.yml b/.github/workflows/on-prerelease.yml
index eef77ec..96c7171 100644
--- a/.github/workflows/on-prerelease.yml
+++ b/.github/workflows/on-prerelease.yml
@@ -119,6 +119,7 @@ jobs:
        if: startsWith(github.ref, 'refs/tags/')
        with:
           files: vscode-metaed.vsix
+          token: ${{ env.GITHUB_TOKEN }}
 
   sbom-attach:
     name: Attach SBOM file
@@ -148,4 +149,5 @@ jobs:
         uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 #v2.0.8
         if: startsWith(github.ref, 'refs/tags/')
         with:
-          files: "${{ steps.compress.outputs.uploadName }}"
\ No newline at end of file
+          files: "${{ steps.compress.outputs.uploadName }}"
+          token: ${{ env.GITHUB_TOKEN }}
\ No newline at end of file