release #9

	# Releases are signed via https://github.com/sigstore/sigstore-python.
	# See https://docs.sigstore.dev for information about sigstore.
	#
	# To verify a downloaded release at a given tag:
	#
	# % pip install sigstore
	# % sigstore verify github --cert-identity https://github.com/AcademySoftwareFoundation/MaterialX/.github/workflows/release-sign.yml@refs/tags/<tag> MaterialX-<tag>.tar.gz

	name: Release

	on:
	release:
	types: [published]

	permissions:
	contents: read

	jobs:
	release:
	name: Release
	runs-on: ubuntu-latest

	env:
	TAG: ${{ github.ref_name }}
	permissions:
	contents: write
	id-token: write
	repository-projects: write

	steps:
	- name: Sync Repository
	uses: actions/checkout@v4
	with:
	submodules: recursive

	- name: Create Archive Name
	run: echo "MATERIALX_ARCHIVE=MaterialX-${TAG//v}" >> $GITHUB_ENV

	- name: Generate Archives
	run: \|
	git archive --prefix ${MATERIALX_ARCHIVE}/ --output ${MATERIALX_ARCHIVE}.zip ${TAG}
	git archive --prefix ${MATERIALX_ARCHIVE}/ --output ${MATERIALX_ARCHIVE}.tar.gz ${TAG}

	- name: Run Sigstore Action
	uses: sigstore/gh-action-sigstore-python@v3.0.0
	with:
	inputs: ${{ env.MATERIALX_ARCHIVE }}.zip

Provide feedback