Update SLSA generators to v1.4.0 (#1884)
Since GitHub's deprecation of `set-ouput`, the SLSA reusable workflows needed to change. This PR updates them to the latest version. Fixes https://github.com/slsa-framework/slsa-github-generator/issues/1302 Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com> Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com> Co-authored-by: Sampark Sharma <phantsure@github.com>
This commit is contained in:
@@ -16,8 +16,6 @@ on:
|
||||
release:
|
||||
types: [created]
|
||||
|
||||
permissions: read-all
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -46,7 +44,7 @@ jobs:
|
||||
# provenance for.
|
||||
#
|
||||
# ========================================================
|
||||
- name: Generate subject
|
||||
- name: Generate subject for provenance
|
||||
id: hash
|
||||
run: |
|
||||
set -euo pipefail
|
||||
@@ -54,7 +52,7 @@ jobs:
|
||||
# List the artifacts the provenance will refer to.
|
||||
files=$(ls artifact*)
|
||||
# Generate the subjects (base64 encoded).
|
||||
echo "::set-output name=digests::$(sha256sum $files | base64 -w0)"
|
||||
echo "hashes=$(sha256sum $files | base64 -w0)" >> "${GITHUB_OUTPUT}"
|
||||
|
||||
provenance:
|
||||
needs: [build]
|
||||
@@ -62,7 +60,7 @@ jobs:
|
||||
actions: read # To read the workflow path.
|
||||
id-token: write # To sign the provenance.
|
||||
contents: write # To add assets to a release.
|
||||
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.0
|
||||
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.4.0
|
||||
with:
|
||||
base64-subjects: "${{ needs.build.outputs.digests }}"
|
||||
upload-assets: true # Optional: Upload to a new release
|
||||
|
||||
@@ -29,7 +29,7 @@ jobs:
|
||||
id-token: write # To sign.
|
||||
contents: write # To upload release assets.
|
||||
actions: read # To read workflow path.
|
||||
uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.2.0
|
||||
uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.4.0
|
||||
with:
|
||||
go-version: 1.17
|
||||
# =============================================================================================================
|
||||
|
||||
Reference in New Issue
Block a user