From 2c64da23f14d811f379af092fa6c8abd091bc4bc Mon Sep 17 00:00:00 2001
From: David Niehues <7667041+DavidNiehues@users.noreply.github.com>
Date: Wed, 5 Feb 2025 17:17:14 +0100
Subject: [PATCH] chore(ci): add cargo-supply-chain to the CI for supply-chain protection.
---
 .github/workflows/supply-chain.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
diff --git a/.github/workflows/supply-chain.yml b/.github/workflows/supply-chain.yml
index 1f53535..4fc9fa7 100644
--- a/.github/workflows/supply-chain.yml
+++ b/.github/workflows/supply-chain.yml
@@ -15,3 +15,30 @@ jobs:
 steps:
 - uses: actions/checkout@v4
 - uses: EmbarkStudios/cargo-deny-action@v2
+ cargo-supply-chain:
+ name: Supply Chain Report
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/cache@v4
+ with:
+ path: |
+ ~/.cargo/bin/
+ ~/.cargo/registry/index/
+ ~/.cargo/registry/cache/
+ ~/.cache/cargo-supply-chain/
+ key: cargo-supply-chain-cache
+ - uses: actions/cache@v4
+ with:
+ path: ${{ runner.tool_cache }}/cargo-supply-chain
+ key: cargo-supply-chain-bin
+ - name: Add the tool cache directory to the search path
+ run: echo "${{ runner.tool_cache }}/cargo-supply-chain/bin" >> $GITHUB_PATH
+ - name: Ensure that the tool cache is populated with the cargo-supply-chain binary
+ run: cargo install --root ${{ runner.tool_cache }}/cargo-supply-chain cargo-supply-chain
+ - name: Update data for cargo-supply-chain
+ run: cargo supply-chain update
+ - name: Generate cargo-supply-chain report about publishers
+ run: cargo supply-chain publishers
+ - name: Generate cargo-supply-chain report about crates
+ run: cargo supply-chain crates
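Review bot: The `cargo install` step fetches cargo-supply-chain with no pinned version and no `--locked`, so on a cold cache the job builds whatever release and transitive dependency versions resolve that day, which is the same exposure the job is meant to report on. Pinning it, e.g. `run: cargo install --locked --version <PINNED_VERSION> --root "${{ runner.tool_cache }}/cargo-supply-chain" cargo-supply-chain`, and including that version in the `cargo-supply-chain-bin` cache key would tie the cached binary placed on `$GITHUB_PATH` to a known release instead of a static key that never rotates. The new job's `actions/checkout@v4` and `actions/cache@v4` references are likewise mutable tags rather than commit SHAs. The `jobs:` mapping starts above this hunk, so the workflow's triggers and any `permissions:` block are not visible here; this job appears to need only read access to repository contents, which is worth confirming.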