Skip to content

Commit

Permalink
feat: rename provenance-registry to provenance-repository input (#3099)
Browse files Browse the repository at this point in the history 
fix #3095. cc: @laurentsimon

Signed-off-by: saisatishkarra <saisatish.karra@konghq.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
  • Loading branch information
@saisatishkarra @laurentsimon
saisatishkarra and laurentsimon committed Jan 22, 2024
1 parent 56c554a commit 47019a5
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions .github/workflows/generator_container_slsa3.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,9 @@ on:
# Note: This should only be used for high entropy values such as AWS Access Key.
# See https://github.com/slsa-framework/slsa-github-generator/tree/main/internal/builders/container#workflow-inputs for more information.
provenance-registry-username:
description: "Username when publishing to provenance registry (option 'provenance-registry') instead of image registry."
description: "Username when publishing to provenance repository (option 'provenance-repository') instead of image repository."
provenance-registry-password:
description: "Password when publishing to provenance registry instead of image registry."
description: "Password when publishing to provenance repository instead of image repository."
inputs:
image:
description: "The OCI image name. This must not include a tag or digest."
Expand Down Expand Up @@ -80,10 +80,10 @@ on:
type: string
default: ""
provenance-registry-username:
description: "Username when publishing to provenance registry (option 'provenance-registry') instead of image registry."
description: "Username when publishing to provenance registry (option 'provenance-repository') instead of image repository."
required: false
type: string
provenance-registry:
provenance-repository:
description: "If set, provenance is pushed to this registry instead of image registry."
required: false
type: string
Expand Down Expand Up @@ -220,12 +220,12 @@ jobs:
id: provenance-registry-login
continue-on-error: true
env:
UNTRUSTED_PROVENANCE_REGISTRY: "${{ inputs.provenance-registry }}"
UNTRUSTED_PROVENANCE_REPOSITORY: "${{ inputs.provenance-repository }}"
UNTRUSTED_INPUT_PROVENANCE_USERNAME: "${{ inputs.provenance-registry-username }}"
UNTRUSTED_SECRET_PROVENANCE_USERNAME: "${{ secrets.provenance-registry-username }}"
UNTRUSTED_PROVENANCE_PASSWORD: "${{ secrets.provenance-registry-password }}"
GCP_ACCESS_TOKEN: "${{ steps.auth.outputs.access_token }}"
if: ${{ env.UNTRUSTED_PROVENANCE_REGISTRY != '' }}
if: ${{ env.UNTRUSTED_PROVENANCE_REPOSITORY != '' }}
run: |
set -euo pipefail
Expand All @@ -235,7 +235,7 @@ jobs:
# See: https://stackoverflow.com/questions/37861791/how-are-docker-image-names-parsed#37867949
untrusted_provenance_domain="docker.io"
maybe_provenance_domain=$(echo "${UNTRUSTED_PROVENANCE_REGISTRY}" | cut -f1 -d "/" | { grep -E "\.|:" || true; })
maybe_provenance_domain=$(echo "${UNTRUSTED_PROVENANCE_REPOSITORY}" | cut -f1 -d "/" | { grep -E "\.|:" || true; })
if [ "${maybe_provenance_domain}" != "" ]; then
untrusted_provenance_domain="${maybe_provenance_domain}"
fi
Expand Down Expand Up @@ -266,16 +266,16 @@ jobs:
UNTRUSTED_IMAGE: "${{ inputs.image }}"
UNTRUSTED_DIGEST: "${{ inputs.digest }}"
GITHUB_CONTEXT: "${{ toJSON(github) }}"
UNTRUSTED_PROVENANCE_REGISTRY: "${{ inputs.provenance-registry }}"
UNTRUSTED_PROVENANCE_REPOSITORY: "${{ inputs.provenance-repository }}"
run: |
set -euo pipefail
# Generate a predicate only.
predicate_name="predicate.json"
"$GITHUB_WORKSPACE/$BUILDER_BINARY" generate --predicate="$predicate_name"
if [[ -n "${UNTRUSTED_PROVENANCE_REGISTRY}" ]]; then
export COSIGN_REPOSITORY="${UNTRUSTED_PROVENANCE_REGISTRY}"
if [[ -n "${UNTRUSTED_PROVENANCE_REPOSITORY}" ]]; then
export COSIGN_REPOSITORY="${UNTRUSTED_PROVENANCE_REPOSITORY}"
fi
COSIGN_EXPERIMENTAL=1 \
Expand Down

0 comments on commit 47019a5

Please sign in to comment.