From 7dea57accdd1577b438153d0694e9c60f2e394d6 Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Thu, 18 Dec 2025 12:29:03 -0800
Subject: [PATCH] include docs on create-storage-record

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 README.md  | 10 ++++++++++
 action.yml |  7 +++++++
 2 files changed, 17 insertions(+)

diff --git a/README.md b/README.md
index 609acc0..9735307 100644
--- a/README.md
+++ b/README.md
@@ -95,6 +95,12 @@ See [action.yml](action.yml)
     # the "subject-digest" parameter be specified. Defaults to false.
     push-to-registry:
 
+    # Whether to create a storage record for the artifact.
+    # Requires that push-to-registry is set to true.
+    # Requires that the "subject-name" parameter specify the fully-qualified
+    # image name. Defaults to true.
+    create-storage-record:
+
     # Whether to attach a list of generated attestations to the workflow run
     # summary page. Defaults to true.
     show-summary:
@@ -243,6 +249,10 @@ the specific image being attested is identified by the supplied digest.
 Attestation bundles are stored in the OCI registry according to the [Cosign
 Bundle Specification][10].
 
+If the `push-to-registry` option is set to true, the Action will also
+emit an Artifact Metadata Storage Record. If you do not want to emit a
+storage record, set `create-storage-record` to `false`.
+
 > **NOTE**: When pushing to Docker Hub, please use "index.docker.io" as the
 > registry portion of the image name.
 
diff --git a/action.yml b/action.yml
index be9f4c1..8834a1a 100644
--- a/action.yml
+++ b/action.yml
@@ -36,6 +36,12 @@ inputs:
       and that the "subject-digest" parameter be specified. Defaults to false.
     default: false
     required: false
+  create-storage-record:
+    description: >
+      Whether to create a storage record for the artifact.
+      Requires that push-to-registry is set to true. Defaults to true.
+    default: true
+    required: false
   show-summary:
     description: >
       Whether to attach a list of generated attestations to the workflow run
@@ -76,5 +82,6 @@ runs:
         predicate-type: ${{ steps.generate-build-provenance-predicate.outputs.predicate-type }}
         predicate: ${{ steps.generate-build-provenance-predicate.outputs.predicate }}
         push-to-registry: ${{ inputs.push-to-registry }}
+        create-storage-record: ${{ inputs.create-storage-record }}
         show-summary: ${{ inputs.show-summary }}
         github-token: ${{ inputs.github-token }}