actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2025-12-15 11:52:14 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

update doc references to v3 release (#697)
Some checks failed
Check Transpiled JavaScript / Check dist/ (push) Failing after 2s
Details
Continuous Integration / TypeScript Tests (push) Failing after 1s
Details
Continuous Integration / Test attest-provenance action (push) Failing after 2s
Details
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Details
Public-Good Sigstore Prober / prober (push) Failing after 1s
Details
GitHub Sigstore Prober / prober (push) Failing after 1s
Details

Browse Source 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
This commit is contained in:
Brian DeHamer 2025-08-28 14:23:03 -07:00 committed by GitHub
parent 977bb373ed
commit 0b6e980926
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/prober.yml vendored
View File

@ -29,7 +29,7 @@ jobs:
date > artifact date > artifact
- name: Attest build provenance - name: Attest build provenance
uses: actions/attest-build-provenance@v2 uses: actions/attest-build-provenance@v3
env: env:
INPUT_PRIVATE-SIGNING: ${{ inputs.sigstore == 'github' && 'true' || 'false' }} INPUT_PRIVATE-SIGNING: ${{ inputs.sigstore == 'github' && 'true' || 'false' }}
with: with:

18
README.md
View File

@ -55,7 +55,7 @@ attest:
1. Add the following to your workflow after your artifact has been built: 1. Add the following to your workflow after your artifact has been built:
```yaml ```yaml
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
subject-path: '<PATH TO ARTIFACT>' subject-path: '<PATH TO ARTIFACT>'
``` ```
@ -68,7 +68,7 @@ attest:
See [action.yml](action.yml) See [action.yml](action.yml)
```yaml ```yaml
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
# Path to the artifact serving as the subject of the attestation. Must # Path to the artifact serving as the subject of the attestation. Must
# specify exactly one of "subject-path", "subject-digest", or # specify exactly one of "subject-path", "subject-digest", or
@ -159,7 +159,7 @@ jobs:
- name: Build artifact - name: Build artifact
run: make my-app run: make my-app
- name: Attest - name: Attest
uses: actions/attest-build-provenance@v2 uses: actions/attest-build-provenance@v3
with: with:
subject-path: '${{ github.workspace }}/my-app' subject-path: '${{ github.workspace }}/my-app'
``` ```
@ -170,7 +170,7 @@ If you are generating multiple artifacts, you can attest all of them at the same
time by using a wildcard in the `subject-path` input. time by using a wildcard in the `subject-path` input.
```yaml ```yaml
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
subject-path: 'dist/**/my-bin-*' subject-path: 'dist/**/my-bin-*'
``` ```
@ -182,13 +182,13 @@ Alternatively, you can explicitly list multiple subjects with either a comma or
newline delimited list: newline delimited list:
```yaml ```yaml
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
subject-path: 'dist/foo, dist/bar' subject-path: 'dist/foo, dist/bar'
``` ```
```yaml ```yaml
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
subject-path: | subject-path: |
dist/foo dist/foo
@ -209,7 +209,7 @@ attestation.
- name: Calculate artifact digests - name: Calculate artifact digests
run: | run: |
shasum -a 256 foo_0.0.1_* > subject.checksums.txt shasum -a 256 foo_0.0.1_* > subject.checksums.txt
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
subject-checksums: subject.checksums.txt subject-checksums: subject.checksums.txt
``` ```
@ -282,7 +282,7 @@ jobs:
push: true push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
- name: Attest - name: Attest
uses: actions/attest-build-provenance@v2 uses: actions/attest-build-provenance@v3
id: attest id: attest
with: with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
@ -304,7 +304,7 @@ artifact directly into the `subject-digest` input of the attestation action.
path: dist/* path: dist/*
name: artifact.zip name: artifact.zip
- uses: actions/attest-build-provenance@v2 - uses: actions/attest-build-provenance@v3
with: with:
subject-name: artifact.zip subject-name: artifact.zip
subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }} subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }}