actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2025-12-18 13:22:34 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Update README.md to use attestations permission

Browse Source
This commit is contained in:
Phill MV 2024-04-11 15:55:04 -04:00 committed by GitHub
parent 21a4fc8dbf
commit 2468bd0582
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -29,11 +29,11 @@ attest:
```yaml ```yaml
permissions: permissions:
id-token: write id-token: write
contents: write # TODO: Update this attestations: write
``` ```
The `id-token` permission gives the action the ability to mint the OIDC token The `id-token` permission gives the action the ability to mint the OIDC token
permission is necessary to persist the attestation. The `contents` permission permission is necessary to persist the attestation. The `attestations` permission
is necessary to persist the attestation. is necessary to persist the attestation.
1. Add the following to your workflow after your artifact has been built: 1. Add the following to your workflow after your artifact has been built:
@ -112,7 +112,7 @@ jobs:
build: build:
permissions: permissions:
id-token: write id-token: write
contents: write attestations: write
steps: steps:
- name: Checkout - name: Checkout
@ -166,7 +166,7 @@ jobs:
permissions: permissions:
id-token: write id-token: write
packages: write packages: write
contents: write attestations: write
env: env:
REGISTRY: ghcr.io REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }} IMAGE_NAME: ${{ github.repository }}