actions/docker-attest-build-provenance
1
0
Fork 0
mirror of https://github.com/actions/attest-build-provenance.git synced 2025-12-17 21:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'main' into dependabot/npm_and_yarn/npm-development-0290a10eb4

Browse Source
This commit is contained in:
Brian DeHamer 2024-05-06 08:46:05 -07:00 committed by GitHub
commit c1ff59a6f2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -1,6 +1,6 @@
# `actions/attest-build-provenance`
Generate signed build provenace attestations for workflow artifacts. Internally
Generate signed build provenance attestations for workflow artifacts. Internally
powered by the [@actions/attest][1] package.
Attestations bind some subject (a named artifact along with its digest) to a
@ -47,7 +47,7 @@ attest:
subject-path: '<PATH TO ARTIFACT>'
```
The `subject-path` parameter should identity the artifact for which you want
The `subject-path` parameter should identify the artifact for which you want
to generate an attestation.
### Inputs
@ -61,7 +61,7 @@ See [action.yml](action.yml)
# specify exactly one of "subject-path" or "subject-digest".
subject-path:
# SHA256 digest of the subject for for the attestation. Must be in the form
# SHA256 digest of the subject for the attestation. Must be in the form
# "sha256:hex_digest" (e.g. "sha256:abc123..."). Must specify exactly one
# of "subject-path" or "subject-digest".
subject-digest: