From c5efebd311e9a809e832398ca2b73bb429ff3508 Mon Sep 17 00:00:00 2001
From: Brian DeHamer <bdehamer@github.com>
Date: Fri, 27 Feb 2026 10:01:25 -0800
Subject: [PATCH] remove prober workflows (#837)

Signed-off-by: Brian DeHamer <bdehamer@github.com>
---
 .github/dependabot.yml                   | 17 -----
 .github/workflows/prober-github.yml      | 18 -----
 .github/workflows/prober-public-good.yml | 18 -----
 .github/workflows/prober.yml             | 84 ------------------------
 4 files changed, 137 deletions(-)
 delete mode 100644 .github/workflows/prober-github.yml
 delete mode 100644 .github/workflows/prober-public-good.yml
 delete mode 100644 .github/workflows/prober.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 1d9d7ed..87a11ac 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,20 +9,3 @@ updates:
         update-types:
           - minor
           - patch
-    ignore:
-      - dependency-name: 'actions/attest-build-provenance'
-
-  - package-ecosystem: npm
-    directory: /
-    schedule:
-      interval: weekly
-    groups:
-      npm-development:
-        dependency-type: development
-        update-types:
-          - minor
-          - patch
-      npm-production:
-        dependency-type: production
-        update-types:
-          - patch
diff --git a/.github/workflows/prober-github.yml b/.github/workflows/prober-github.yml
deleted file mode 100644
index ea0b10f..0000000
--- a/.github/workflows/prober-github.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-name: GitHub Sigstore Prober
-
-on:
-  workflow_dispatch:
-  schedule:
-    # run every 5 minutes, as often as Github Actions allows
-    - cron: '*/5 * * * *'
-
-jobs:
-  prober:
-    if: github.repository_owner == 'actions'
-    permissions:
-      attestations: write
-      id-token: write
-    secrets: inherit
-    uses: ./.github/workflows/prober.yml
-    with:
-      sigstore: github
diff --git a/.github/workflows/prober-public-good.yml b/.github/workflows/prober-public-good.yml
deleted file mode 100644
index d8efefd..0000000
--- a/.github/workflows/prober-public-good.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-name: Public-Good Sigstore Prober
-
-on:
-  workflow_dispatch:
-  schedule:
-    # run every 5 minutes, as often as Github Actions allows
-    - cron: '*/5 * * * *'
-
-jobs:
-  prober:
-    if: github.repository_owner == 'actions'
-    permissions:
-      attestations: write
-      id-token: write
-    secrets: inherit
-    uses: ./.github/workflows/prober.yml
-    with:
-      sigstore: public-good
diff --git a/.github/workflows/prober.yml b/.github/workflows/prober.yml
deleted file mode 100644
index c7dd279..0000000
--- a/.github/workflows/prober.yml
+++ /dev/null
@@ -1,84 +0,0 @@
-name: Prober Workflow
-
-on:
-  workflow_call:
-    inputs:
-      sigstore:
-        description: 'Which Sigstore instance to use for signing'
-        required: true
-        type: string
-
-jobs:
-  probe:
-    runs-on: ubuntu-latest
-    permissions:
-      attestations: write
-      id-token: write
-
-    steps:
-      - name: Request OIDC Token
-        run: |
-          curl "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=nobody" \
-            -H "Authorization: bearer ${ACTIONS_ID_TOKEN_REQUEST_TOKEN}" \
-            -H "Accept: application/json; api-version=2.0" \
-            -H "Content-Type: application/json" \
-            --silent | jq -r '.value' | jq -R 'split(".") | .[0],.[1] | @base64d | fromjson'
-
-      - name: Create artifact
-        run: |
-          date > artifact
-
-      - name: Attest build provenance
-        uses: actions/attest-build-provenance@v3
-        env:
-          INPUT_PRIVATE-SIGNING: ${{ inputs.sigstore == 'github' && 'true' || 'false' }}
-        with:
-          subject-path: artifact
-
-      - name: Verify build artifact
-        env:
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          gh attestation verify ./artifact --owner "$GITHUB_REPOSITORY_OWNER"
-
-      - name: Upload build artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
-        with:
-          path: "artifact"
-
-      - name: Report attestation prober success
-        if: ${{ success() }}
-        uses: masci/datadog@a3f481d2ed0f4e1edde2be2f564b94719d6d4bc2 # v1.9.3
-        with:
-          api-key: "${{ secrets.DATADOG_API_KEY }}"
-          service-checks: |
-            - check: "attestation-integration.actions.prober"
-              status: 0
-              host_name: github.com
-              tags:
-                - "catalog_service:${{ secrets.CATALOG_SERVICE }}"
-                - "service:${{ secrets.CATALOG_SERVICE }}"
-                - "stamp:${{ secrets.STAMP }}"
-                - "env:production"
-                - "repo:${{ github.repository }}"
-                - "team:${{ secrets.TEAM }}"
-                - "sigstore:${{ inputs.sigstore }}"
-
-      - name: Report attestation prober failure
-        if: ${{ failure() }}
-        uses: masci/datadog@a3f481d2ed0f4e1edde2be2f564b94719d6d4bc2 # v1.9.3
-        with:
-          api-key: "${{ secrets.DATADOG_API_KEY }}"
-          service-checks: |
-            - check: "attestation-integration.actions.prober"
-              message: "${{ github.repository_owner }} failed prober check"
-              status: 2
-              host_name: github.com
-              tags:
-                - "catalog_service:${{ secrets.CATALOG_SERVICE }}"
-                - "service:${{ secrets.CATALOG_SERVICE }}"
-                - "stamp:${{ secrets.STAMP }}"
-                - "env:production"
-                - "repo:${{ github.repository }}"
-                - "team:${{ secrets.TEAM }}"
-                - "sigstore:${{ inputs.sigstore }}"