Skip to content

Commit

Permalink
Generate provenance for container images
Browse files Browse the repository at this point in the history
Signed-off-by: Stefan Prodan <[email protected]>
  • Loading branch information
stefanprodan committed Jun 21, 2023
1 parent 8a822e1 commit 2d7f517
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -129,9 +129,9 @@ jobs:
dockerhub-provenance:
needs: [release]
permissions:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To add assets to the release.
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
image: ${{ needs.release.outputs.image_url }}
Expand All @@ -143,9 +143,9 @@ jobs:
ghcr-provenance:
needs: [release]
permissions:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To add assets to the release.
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
image: ghcr.io/${{ needs.release.outputs.image_url }}
Expand Down

0 comments on commit 2d7f517

Please sign in to comment.