actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2026-05-13 08:20:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

include docs on create-storage-record

Browse Source 
Signed-off-by: Meredith Lancaster <malancas@github.com>
This commit is contained in:
Meredith Lancaster 2025-12-18 12:29:03 -08:00
parent 5811b2af42
commit 7dea57accd
2 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -95,6 +95,12 @@ See [action.yml](action.yml)
# the "subject-digest" parameter be specified. Defaults to false. # the "subject-digest" parameter be specified. Defaults to false.
push-to-registry: push-to-registry:
# Whether to create a storage record for the artifact.
# Requires that push-to-registry is set to true.
# Requires that the "subject-name" parameter specify the fully-qualified
# image name. Defaults to true.
create-storage-record:
# Whether to attach a list of generated attestations to the workflow run # Whether to attach a list of generated attestations to the workflow run
# summary page. Defaults to true. # summary page. Defaults to true.
show-summary: show-summary:
@ -243,6 +249,10 @@ the specific image being attested is identified by the supplied digest.
Attestation bundles are stored in the OCI registry according to the [Cosign Attestation bundles are stored in the OCI registry according to the [Cosign
Bundle Specification][10]. Bundle Specification][10].
If the `push-to-registry` option is set to true, the Action will also
emit an Artifact Metadata Storage Record. If you do not want to emit a
storage record, set `create-storage-record` to `false`.
> **NOTE**: When pushing to Docker Hub, please use "index.docker.io" as the > **NOTE**: When pushing to Docker Hub, please use "index.docker.io" as the
> registry portion of the image name. > registry portion of the image name.

7
action.yml
View File

@ -36,6 +36,12 @@ inputs:
and that the "subject-digest" parameter be specified. Defaults to false. and that the "subject-digest" parameter be specified. Defaults to false.
default: false default: false
required: false required: false
create-storage-record:
description: >
Whether to create a storage record for the artifact.
Requires that push-to-registry is set to true. Defaults to true.
default: true
required: false
show-summary: show-summary:
description: > description: >
Whether to attach a list of generated attestations to the workflow run Whether to attach a list of generated attestations to the workflow run
@ -76,5 +82,6 @@ runs:
predicate-type: ${{ steps.generate-build-provenance-predicate.outputs.predicate-type }} predicate-type: ${{ steps.generate-build-provenance-predicate.outputs.predicate-type }}
predicate: ${{ steps.generate-build-provenance-predicate.outputs.predicate }} predicate: ${{ steps.generate-build-provenance-predicate.outputs.predicate }}
push-to-registry: ${{ inputs.push-to-registry }} push-to-registry: ${{ inputs.push-to-registry }}
create-storage-record: ${{ inputs.create-storage-record }}
show-summary: ${{ inputs.show-summary }} show-summary: ${{ inputs.show-summary }}
github-token: ${{ inputs.github-token }} github-token: ${{ inputs.github-token }}