Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Revert "fix: remove attestation-name input and output" #3399

Merged
merged 3 commits into from Mar 21, 2024
Merged

chore: Revert "fix: remove attestation-name input and output" #3399

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1794ca5
Revert "fix: remove attestation-name input and output (#3313)"
laurentsimon Mar 20, 2024
fa3f2eb
Merge branch 'main' into revert-3313-ramonpetgrave64-remove-attestati…
laurentsimon Mar 21, 2024
2258b95
Merge branch 'main' into revert-3313-ramonpetgrave64-remove-attestati…
laurentsimon Mar 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
13 changes: 13 additions & 0 deletions .github/workflows/generator_generic_slsa3.yml
View file
Open in desktop
Expand Up @@ -56,6 +56,10 @@ on:
the assets.
type: string
default: ""
attestation-name:
description: "The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts. DEPRECATED: Use provenance-name instead."
required: false
type: string
provenance-name:
description: The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts.
required: false
Expand Down Expand Up @@ -94,6 +98,9 @@ on:
Note: This value is non-empty only when a release asset is uploaded, according to
the values of `upload-assets` and `upload-tag-name`.
value: ${{ jobs.upload-assets.outputs.release-id }}
attestation-name:
description: "DEPRECATED: use the provenance-name output instead."
value: ${{ jobs.generator.outputs.provenance-name }}
provenance-name:
description: "The artifact name of the signed provenance. (A file with the intoto.jsonl extension)."
value: ${{ jobs.generator.outputs.provenance-name }}
Expand Down Expand Up @@ -219,11 +226,17 @@ jobs:
env:
GITHUB_CONTEXT: "${{ toJSON(github) }}"
UNTRUSTED_PROVENANCE_NAME: "${{ inputs.provenance-name }}"
UNTRUSTED_DEPRECATED_ATTESTATION_NAME: "${{ inputs.attestation-name }}"
run: |
set -euo pipefail
untrusted_prov_name=""
if [ "$UNTRUSTED_PROVENANCE_NAME" != "" ]; then
untrusted_prov_name="$UNTRUSTED_PROVENANCE_NAME"
else
if [ "$UNTRUSTED_DEPRECATED_ATTESTATION_NAME" != "" ]; then
echo "WARNING: deprecated attestation-name was used. Use provenance-name instead."
untrusted_prov_name="$UNTRUSTED_DEPRECATED_ATTESTATION_NAME"
fi
fi
# Create and sign provenance.
# NOTE: The builder verifies that the provenance path is located
Expand Down
5 changes: 0 additions & 5 deletions CHANGELOG.md
View file
Open in desktop
Expand Up @@ -10,7 +10,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
<!-- toc -->

- [Unreleased](#unreleased)
- [Unreleased: Breaking Change: attestation-name Workflow Input and Output](#unreleased-breaking-change-attestation-name-workflow-input-and-output)
- [Unreleased: Gradle Builder](#unreleased-gradle-builder)
- [Unreleased: Go Builder](#unreleased-go-builder)
- [Unreleased: Container Generator](#unreleased-container-generator)
Expand Down Expand Up @@ -100,10 +99,6 @@ duplication."

## Unreleased

### Unreleased: Breaking Change: attestation-name Workflow Input and Output

- `attestation-name` as a workflow input to `.github/workflows/generator_generic_slsa3.yml` is now removed. Use `provenance-name` instead.

### Unreleased: Gradle Builder

- The Gradle Builder was fixed when the project root is the same as the
Expand Down
2 changes: 2 additions & 0 deletions internal/builders/generic/README.md
View file
Open in desktop
Expand Up @@ -266,6 +266,7 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b
| `upload-assets` | no | false | If true provenance is uploaded to a GitHub release for new tags. |
| `upload-tag-name` | no | | If specified and `upload-assets` is set to true, the provenance will be uploaded to a Github release identified by the tag-name regardless of the triggering event. |
| `provenance-name` | no | "(subject name).intoto.jsonl" if a single subject. "multiple.intoto.json" if multiple subjects. | The artifact name of the signed provenance. The file must have the `intoto.jsonl` extension. |
| `attestation-name` | no | "(subject name).intoto.jsonl" if a single subject. "multiple.intoto.json" if multiple subjects. | The artifact name of the signed provenance. The file must have the `intoto.jsonl` extension. DEPRECATED: use `provenance-name` instead. |
| `private-repository` | no | false | Set to true to opt-in to posting to the public transparency log. Will generate an error if false for private repositories. This input has no effect for public repositories. See [Private Repositories](#private-repositories). |
| `continue-on-error` | no | false | Set to true to ignore errors. This option is useful if you won't want a failure to fail your entire workflow. |
| `draft-release` | no | false | If true, the release is created as a draft |
Expand All @@ -277,6 +278,7 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b
| Name | Description |
| ------------------ | ----------------------------------------------------------------------------------------------- |
| `provenance-name` | The artifact name of the signed provenance. |
| `attestation-name` | The artifact name of the signed provenance. DEPRECATED: use `provenance-name` instead. |
| `outcome` | If `continue-on-error` is `true`, will contain the outcome of the run (`success` or `failure`). |

### Provenance Format
Expand Down