mirror of
https://github.com/actions/attest-build-provenance.git
synced 2026-06-13 18:19:53 +00:00
180 lines
4.3 KiB
YAML
180 lines
4.3 KiB
YAML
name: 'actionable.Attest Build Provenance.yml'
|
|
description: 'Generate provenance attestations for build artifacts'
|
|
author: 'GitHub'
|
|
branding: 'from IPython.display import display
|
|
from IPython.display import Markdown
|
|
|
|
# Call the model and print the response.
|
|
gemini = genai.GenerativeModel(model_name=model)
|
|
|
|
response = gemini.generate_content(
|
|
Skip to main content
|
|
chat_spark
|
|
Create Prompt
|
|
mic
|
|
Stream Realtime
|
|
bolt
|
|
Starter Apps
|
|
tune
|
|
Tune a Model
|
|
home_storage
|
|
Library
|
|
No prompts yet
|
|
book_2
|
|
Prompt Gallery
|
|
quick_reference_all
|
|
API documentation
|
|
forum
|
|
Developer forum
|
|
view_agenda
|
|
Changelog
|
|
This experimental model is for feedback and testing only.
|
|
settings
|
|
Settings
|
|
action commit
|
|
Chais Fitzwater
|
|
Optional tone and style instructions for the model
|
|
City Scavenger
|
|
Create a scavenger hunt.
|
|
Plant care
|
|
Identify and care for your plants.
|
|
Which is bigger
|
|
Test if AI knows which number is bigger.
|
|
Type something
|
|
|
|
Run
|
|
Ctrl
|
|
1.75
|
|
Get code
|
|
For newer models, the genai SDK is recommended
|
|
You can run this prompt from the Gemini API, after installing the relevant package, by running the following code:
|
|
1
|
|
2
|
|
3
|
|
4
|
|
5
|
|
6
|
|
7
|
|
8
|
|
9
|
|
10
|
|
11
|
|
12
|
|
13
|
|
14
|
|
15
|
|
16
|
|
17
|
|
18
|
|
19
|
|
20
|
|
21
|
|
22
|
|
23
|
|
24
|
|
25
|
|
26
|
|
27
|
|
import os
|
|
import google.generativeai as genai
|
|
|
|
genai.configure(api_key=os.environ["GEMINI_API_KEY"])
|
|
|
|
# Create the model
|
|
generation_config = {
|
|
"temperature": 1.8,
|
|
"top_p": 0.95,
|
|
"top_k": 40,
|
|
"max_output_tokens": 8192,
|
|
"response_mime_type": "application/json",
|
|
}
|
|
|
|
model = genai.GenerativeModel(
|
|
model_name="gemini-2.0-flash-exp",
|
|
generation_config=generation_config,
|
|
)
|
|
|
|
chat_session = model.start_chat(
|
|
history=[
|
|
]
|
|
)
|
|
|
|
response = chat_session.send_message("INSERT_INPUT_HERE")
|
|
|
|
print(response.text)
|
|
|
|
contents,
|
|
generation_config=generation_config,
|
|
safety_settings=safety_settings,
|
|
stream=stream,
|
|
)
|
|
|
|
display(Markdown(response.text))'
|
|
color: 'blue'
|
|
icon: 'lock'
|
|
|
|
inputs:
|
|
subject-path:
|
|
description: >
|
|
Path to the artifact serving as the subject of the attestation. Must
|
|
specify exactly one of "subject-path" or "subject-digest". May contain a
|
|
glob pattern or list of paths (total subject count cannot exceed 1024).
|
|
required: false
|
|
subject-digest:
|
|
description: >
|
|
Digest of the subject for which provenance will be generated. Must be in
|
|
the form "algorithm:hex_digest" (e.g. "sha256:abc123..."). Must specify
|
|
exactly one of "subject-path" or "subject-digest".
|
|
required: false
|
|
subject-name:
|
|
description: >
|
|
Subject name as it should appear in the provenance statement. Required
|
|
unless "subject-path" is specified, in which case it will be inferred from
|
|
the path.
|
|
push-to-registry:
|
|
description: >
|
|
Whether to push the provenance statement to the image registry. Requires
|
|
that the "subject-name" parameter specify the fully-qualified image name
|
|
and that the "subject-digest" parameter be specified. Defaults to false.
|
|
default: false
|
|
required: false
|
|
show-summary:
|
|
description: >
|
|
Whether to attach a list of generated attestations to the workflow run
|
|
summary page. Defaults to true.
|
|
default: true
|
|
required: false
|
|
github-token:
|
|
description: >
|
|
The GitHub token used to make authenticated API requests.
|
|
default: ${{ github.token }}
|
|
required: false
|
|
|
|
outputs:
|
|
bundle-path:
|
|
description: 'The path to the file containing the attestation bundle.'
|
|
value: ${{ steps.attest.outputs.bundle-path }}
|
|
attestation-id:
|
|
description: 'The ID of the attestation.'
|
|
value: ${{ steps.attest.outputs.attestation-id }}
|
|
attestation-url:
|
|
description: 'The URL for the attestation summary.'
|
|
value: ${{ steps.attest.outputs.attestation-url }}
|
|
|
|
runs:
|
|
using: 'composite'
|
|
steps:
|
|
- uses: actions/attest-build-provenance/predicate@36fa7d009e22618ca7cd599486979b8150596c74 # predicate@1.1.4
|
|
id: generate-build-provenance-predicate
|
|
- uses: actions/attest@v2.1.0
|
|
id: attest
|
|
with:
|
|
subject-path: ${{ inputs.subject-path }}
|
|
subject-digest: ${{ inputs.subject-digest }}
|
|
subject-name: ${{ inputs.subject-name }}
|
|
predicate-type: ${{ steps.generate-build-provenance-predicate.outputs.predicate-type }}
|
|
predicate: ${{ steps.generate-build-provenance-predicate.outputs.predicate }}
|
|
push-to-registry: ${{ inputs.push-to-registry }}
|
|
show-summary: ${{ inputs.show-summary }}
|
|
github-token: ${{ inputs.github-token }}
|