actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2025-12-13 10:52:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bump predicate and actions/attest (#116)

Browse Source 
* actions/attest-build-provenance/predicate from 1.0.0 to 1.1.0
* actions/attest from 1.2.0 to 1.3.0

Signed-off-by: Brian DeHamer <bdehamer@github.com>
This commit is contained in:
Brian DeHamer 2024-06-12 16:28:09 -07:00 committed by GitHub
parent 52bfabd97f
commit 3119152b59
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -36,7 +36,7 @@ attest:
```
The `id-token` permission gives the action the ability to mint the OIDC token
permission is necessary to persist the attestation. The `attestations`
necessary to request a Sigstore signing certificate. The `attestations`
permission is necessary to persist the attestation.
1. Add the following to your workflow after your artifact has been built:

4
action.yml
View File

@ -44,9 +44,9 @@ outputs:
runs:
using: 'composite'
steps:
- uses: actions/attest-build-provenance/predicate@db1dde0f270afe12073070ac7aa802958ae3ec04 # predicate@1.0.0
- uses: actions/attest-build-provenance/predicate@46e4ff8b824dc6ae13c8f92c8ba69907e2d39b4e # predicate@1.1.0
id: generate-build-provenance-predicate
- uses: actions/attest@32795ed9174327efe1734fa6d09c9223658ef225 # v1.2.0
- uses: actions/attest@b24527d9cbfd6c27196c10f8dccbacaa2a1c53f2 # v1.3.0
id: attest
with:
subject-path: ${{ inputs.subject-path }}