
Commit

Merge pull request #66 from Staffbase/provenance
✨ Add Option to configure provenance attestations
timdittler authored Jun 5, 2023
2 parents 33642ad + fa7f40d commit 666ca4d
Showing 2 changed files with 26 additions and 20 deletions.
41 changes: 21 additions & 20 deletions README.md
Expand Up @@ -105,26 +105,27 @@ jobs:
## Inputs
| Name | Description | Default |
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------|--------------------------|
| `docker-registry` | Docker Registry | `staffbase.jfrog.io` |
| `docker-image` | Docker Image | |
| `docker-username` | Username for the Docker Registry | |
| `docker-password` | Password for the Docker Registry | |
| `docker-file` | Dockerfile | `./Dockerfile` |
| `docker-build-args` | List of build-time variables | |
| `docker-build-secrets` | List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken) | |
| `docker-build-secret-files` | List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt) | |
| `docker-build-target` | Sets the target stage to build like: "runtime" | |
| `gitops-organization` | GitHub Organization for GitOps | `Staffbase` |
| `gitops-repository` | GitHub Repository for GitOps | `mops` |
| `gitops-user` | GitHub User for GitOps | `Staffbot` |
| `gitops-email` | GitHub Email for GitOps | `staffbot@staffbase.com` |
| `gitops-token` | GitHub Token for GitOps | |
| `gitops-dev` | Files which should be updated by the GitHub Action for DEV, must be relative to the root of the GitOps repository | |
| `gitops-stage` | Files which should be updated by the GitHub Action for STAGE, must be relative to the root of the GitOps repository | |
| `gitops-prod` | Files which should be updated by the GitHub Action for PROD, must be relative to the root of the GitOps repository | |
| `working-directory` | The directory in which the GitOps action should be executed. The docker-file variable should be relative to working directory. | `.` |
| Name | Description | Default |
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------|-----------------------------|
| `docker-registry` | Docker Registry | `staffbase.jfrog.io` |
| `docker-image` | Docker Image | |
| `docker-username` | Username for the Docker Registry | |
| `docker-password` | Password for the Docker Registry | |
| `docker-file` | Dockerfile | `./Dockerfile` |
| `docker-build-args` | List of build-time variables | |
| `docker-build-secrets` | List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken) | |
| `docker-build-secret-files` | List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt) | |
| `docker-build-target` | Sets the target stage to build like: "runtime" | |
| `docker-build-provenance` | Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build | `mode=min,inline-only=true` |
| `gitops-organization` | GitHub Organization for GitOps | `Staffbase` |
| `gitops-repository` | GitHub Repository for GitOps | `mops` |
| `gitops-user` | GitHub User for GitOps | `Staffbot` |
| `gitops-email` | GitHub Email for GitOps | `staffbot@staffbase.com` |
| `gitops-token` | GitHub Token for GitOps | |
| `gitops-dev` | Files which should be updated by the GitHub Action for DEV, must be relative to the root of the GitOps repository | |
| `gitops-stage` | Files which should be updated by the GitHub Action for STAGE, must be relative to the root of the GitOps repository | |
| `gitops-prod` | Files which should be updated by the GitHub Action for PROD, must be relative to the root of the GitOps repository | |
| `working-directory` | The directory in which the GitOps action should be executed. The docker-file variable should be relative to working directory. | `.` |

## Contributing

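Review bot: The new `docker-build-provenance` row gives the default `mode=min,inline-only=true` but never says what those two parameters do or which value turns attestation off, so a reader has to follow the link before they can use the input. Add a short clause to the Description cell naming the accepted forms, taking them from the linked Docker page. Separately, re-padding every row to fit the wider Default column turns a one-row addition into 21 additions and 20 deletions; that is acceptable if the table is kept aligned by convention, but it buries the real change in blame.
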
5 changes: 5 additions & 0 deletions action.yml
Expand Up @@ -32,6 +32,10 @@ inputs:
docker-build-target:
description: "Sets the target stage to build"
required: false
docker-build-provenance:
description: "Generate provenance attestation for the build"
required: false
default: 'mode=min,inline-only=true'
gitops-organization:
description: 'GitHub Organization for GitOps'
required: true
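Review bot: In the `docker-build-provenance` input, `required: false` combined with `default: 'mode=min,inline-only=true'` means every existing caller that never sets this input now has that value passed to the build step, and neither the commit message nor the description says whether this changes what gets pushed compared with the previous release. State the intended behaviour change (or that there is none) in the release notes, and extend the description so it says the value is a parameter string rather than a yes/no switch.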
Expand Down Expand Up @@ -140,6 +144,7 @@ runs:
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: ${{ inputs.docker-build-provenance }}

- name: Checkout GitOps Repository
if: inputs.gitops-token != ''
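Review bot: `provenance: ${{ inputs.docker-build-provenance }}` forwards the caller's string unchecked, so a typo in the value, or an explicitly empty one, is only discovered from whatever the build step does with it. Confirm how the step behaves on an empty value and either document that next to the input or fail early with a clear message before the build runs.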
