Skip to content

Commit

Permalink
Fix in-toto attestations upload for release
Browse files Browse the repository at this point in the history
  • Loading branch information
marcransome committed Mar 24, 2024
1 parent 1dd0dc1 commit 8689632
Showing 1 changed file with 16 additions and 9 deletions.
25 changes: 16 additions & 9 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -96,10 +96,22 @@ jobs:
actions: read
id-token: write
contents: write
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] # Must specify version tag; see https://github.com/slsa-framework/slsa-verifier/issues/12
with:
base64-subjects: ${{ needs.combine-hashes.outputs.hashes }}
provenance-name: flog.multiple.intoto.jsonl
runs-on: ubuntu-latest
steps:
- if: startsWith(github.ref, 'refs/tags/v')
name: Generate and upload SLSA provenance to release
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] # Must specify version tag; see https://github.com/slsa-framework/slsa-verifier/issues/12
with:
base64-subjects: ${{ needs.combine-hashes.outputs.hashes }}
provenance-name: flog.multiple.intoto.jsonl
upload-assets: true
- if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
name: Generate SLSA provenance
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] # Must specify version tag; see https://github.com/slsa-framework/slsa-verifier/issues/12
with:
base64-subjects: ${{ needs.combine-hashes.outputs.hashes }}
provenance-name: flog.multiple.intoto.jsonl
upload-assets: false
release:
needs: [build, combine-hashes, provenance]
permissions:
Expand All @@ -123,10 +135,6 @@ jobs:
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
with:
name: ${{ needs.build.outputs.checksum-darwin-arm64 }}
- name: Download in-toto attestations file
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
with:
name: flog.multiple.intoto.jsonl
- name: Upload release assets
uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
with:
Expand All @@ -135,4 +143,3 @@ jobs:
${{ needs.build.outputs.checksum-darwin-x86_64 }}
${{ needs.build.outputs.archive-darwin-arm64 }}
${{ needs.build.outputs.checksum-darwin-arm64 }}
flog.multiple.intoto.jsonl

0 comments on commit 8689632

Please sign in to comment.