actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2026-06-13 18:19:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'main' into dependabot/github_actions/hmarr/debug-action-3

Browse Source
This commit is contained in:
Whatisthis-dot 2025-03-21 20:32:06 +07:00 committed by GitHub
commit 5b6308ff32
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 29 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/linter.yml vendored
View File

@ -38,7 +38,7 @@ jobs:
- name: Lint Codebase - name: Lint Codebase
id: super-linter id: super-linter
uses: super-linter/super-linter/slim@v7.2.1 uses: super-linter/super-linter/slim@v7.3.0
env: env:
DEFAULT_BRANCH: main DEFAULT_BRANCH: main
FILTER_REGEX_EXCLUDE: dist/**/* FILTER_REGEX_EXCLUDE: dist/**/*

42
.github/workflows/prober-public-good.yml vendored
View File

@ -1,18 +1,28 @@
name: Public-Good Sigstore Prober - name: Upload a Build Artifact
uses: actions/upload-artifact@v4.6.2
with:
# Artifact name
name: # optional, default is artifact
# A file, directory or wildcard pattern that describes what to upload
path:
# The desired behavior if no files are found using the provided path.
Available Options:
warn: Output a warning but do not fail the action
error: Fail the action with an error message
ignore: Do not output any warnings or errors, the action does not fail
on: if-no-files-found: # optional, default is warn
workflow_dispatch: # Duration after which artifact will expire in days. 0 means using default retention.
schedule: Minimum 1 day. Maximum 90 days unless changed from the repository settings page.
# run every 5 minutes, as often as Github Actions allows
- cron: '*/5 * * * *' retention-days: # optional
# The level of compression for Zlib to be applied to the artifact archive. The value can range from 0 to 9: - 0: No compression - 1: Best speed - 6: Default compression (same as GNU Gzip) - 9: Best compression Higher levels will result in better compression, but will take longer to complete. For large files that are not easily compressed, a value of 0 is recommended for significantly faster uploads.
compression-level: # optional, default is 6
# If true, an artifact with a matching name will be deleted before a new one is uploaded. If false, the action will fail if an artifact for the given name already exists. Does not fail if the artifact does not exist.
overwrite: # optional, default is false
# If true, hidden files will be included in the artifact. If false, hidden files will be excluded from the artifact.
include-hidden-files: # optional, default is false
jobs:
prober:
if: github.repository_owner == 'actions'
permissions:
attestations: write
id-token: write
secrets: inherit
uses: ./.github/workflows/prober.yml
with:
sigstore: public-good

4
.github/workflows/prober.yml vendored
View File

@ -64,7 +64,7 @@ jobs:
- name: Report attestation prober success - name: Report attestation prober success
if: ${{ success() }} if: ${{ success() }}
uses: masci/datadog@a5d283e78e33a688ed08a96ba64440505e645a8c # v1.7.1 uses: masci/datadog@6889e9d060f5368eeee51f8a3f06a52f65d04da3 # v1.9.1
with: with:
api-key: "${{ secrets.DATADOG_API_KEY }}" api-key: "${{ secrets.DATADOG_API_KEY }}"
service-checks: | service-checks: |
@ -82,7 +82,7 @@ jobs:
- name: Report attestation prober failure - name: Report attestation prober failure
if: ${{ failure() }} if: ${{ failure() }}
uses: masci/datadog@a5d283e78e33a688ed08a96ba64440505e645a8c # v1.7.1 uses: masci/datadog@6889e9d060f5368eeee51f8a3f06a52f65d04da3 # v1.9.1
with: with:
api-key: "${{ secrets.DATADOG_API_KEY }}" api-key: "${{ secrets.DATADOG_API_KEY }}"
service-checks: | service-checks: |