Skip to content

Commit

Permalink
main ref updates
Browse files Browse the repository at this point in the history
Signed-off-by: laurentsimon <[email protected]>
  • Loading branch information
laurentsimon committed Aug 22, 2023
1 parent e92d582 commit 2c931a5
Show file tree
Hide file tree
Showing 10 changed files with 17 additions and 17 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/builder_high-perms-checkout_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
with:
slsa-workflow-recipient: "delegator_generic_slsa3.yml"
slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
Expand All @@ -106,7 +106,7 @@ jobs:
contents: write # For asset uploads.
packages: write # For package uploads.
actions: read # For the entrypoint.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@v1.9.0
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@main
with:
slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
secrets:
Expand All @@ -121,7 +121,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Download provenance
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
with:
name: ${{ needs.slsa-run.outputs.attestations-download-name }}
sha256: ${{ needs.slsa-run.outputs.attestations-download-sha256 }}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
contents: write # For asset release.
packages: write # For package upload.
actions: read # For getting workflow run info.
uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.9.0
uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@main
with:
artifact: my-artifact
filename: high-perms-checkout/src/build.txt
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/builder_high-perms_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
with:
slsa-workflow-recipient: "delegator_generic_slsa3.yml"
slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
Expand All @@ -100,7 +100,7 @@ jobs:
contents: write # For asset uploads.
packages: write # For package uploads.
actions: read # For the entrypoint.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@v1.9.0
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@main
with:
slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
secrets:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/builder_high-perms_slsa3_test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
contents: write # For asset release.
packages: write # For package upload.
actions: read # For getting workflow run info.
uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.9.0 # v0.0.1 has all refs at main.
uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@main # v0.0.1 has all refs at main.
with:
artifact: my-artifact
content: "hello world"
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/builder_low-perms_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
with:
slsa-workflow-recipient: "delegator_lowperms-generic_slsa3.yml"
slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
Expand All @@ -109,7 +109,7 @@ jobs:
id-token: write # For signing.
contents: read # For code access.
actions: read # For the entrypoint.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@v1.9.0
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@main
with:
slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
secrets:
Expand All @@ -124,7 +124,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Download provenance
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
with:
name: ${{ needs.slsa-run.outputs.attestations-download-name }}
sha256: ${{ needs.slsa-run.outputs.attestations-download-sha256 }}
Expand Down Expand Up @@ -152,7 +152,7 @@ jobs:
# Artifacts are downloaded in the current directory. The downloaded folder
# is the one uploaded by the TCA, which in our case is called "artifacts".
- name: Download artifacts
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-download-folder@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-download-folder@main
with:
name: ${{ fromJson(needs.slsa-run.outputs.build-artifacts-outputs).artifact-download-name }}
sha256: ${{ fromJson(needs.slsa-run.outputs.build-artifacts-outputs).artifact-download-sha256 }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/builder_low-perms_slsa3_test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
id-token: write # For signing
contents: write # For asset release.
actions: read # For getting workflow run info.
uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.9.0 # v0.0.1 has all refs at main.
uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@main # v0.0.1 has all refs at main.
with:
artifact: my-artifact
content: "hello world"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ runs:
using: "composite"
steps:
- name: Download the attestations
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
with:
name: ${{ inputs.name }}
path: ${{ inputs.path }}
Expand Down
2 changes: 1 addition & 1 deletion high-perms/actions/download/attestation/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ runs:
using: "composite"
steps:
- name: Download the attestations
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
with:
name: ${{ inputs.name }}
path: ${{ inputs.path }}
Expand Down
2 changes: 1 addition & 1 deletion low-perms/actions/download/attestation/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ runs:
using: "composite"
steps:
- name: Download the attestations
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
with:
name: ${{ inputs.name }}
path: ${{ inputs.path }}
Expand Down
4 changes: 2 additions & 2 deletions low-perms/internal/callback_action/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ runs:
- name: Create random value
id: rng
# WARNING: This is not cryptographically secure and will show in logs!
uses: slsa-framework/slsa-github-generator/actions/delegator/random@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/random@main

# Create the folder to share.
# The folder is local, so need its name needs not be randomized.
Expand All @@ -100,7 +100,7 @@ runs:
# Share the artifacts folder, with a unique randomized name.
- name: Share artifacts
id: upload
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-upload-folder@v1.9.0
uses: slsa-framework/slsa-github-generator/actions/delegator/secure-upload-folder@main
with:
name: "${{ steps.rng.outputs.random }}-artifacts"
path: artifacts

0 comments on commit 2c931a5

Please sign in to comment.