actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2025-12-17 21:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update README.md to use attestations permission

Browse Source
This commit is contained in:
Phill MV 2024-04-11 15:55:04 -04:00 committed by GitHub
parent 21a4fc8dbf
commit 2468bd0582
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -29,11 +29,11 @@ attest:
```yaml
permissions:
id-token: write
contents: write # TODO: Update this
attestations: write
```
The `id-token` permission gives the action the ability to mint the OIDC token
permission is necessary to persist the attestation. The `contents` permission
permission is necessary to persist the attestation. The `attestations` permission
is necessary to persist the attestation.
1. Add the following to your workflow after your artifact has been built:
@ -112,7 +112,7 @@ jobs:
build:
permissions:
id-token: write
contents: write
attestations: write
steps:
- name: Checkout
@ -166,7 +166,7 @@ jobs:
permissions:
id-token: write
packages: write
contents: write
attestations: write
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}