From 87eeb628c0dab2186134dc7486d5921551ea566e Mon Sep 17 00:00:00 2001
From: Mike Hepburn <eformat@gmail.com>
Date: Wed, 31 May 2023 11:02:05 +1000
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=91=20syft=20sbom=20=F0=9F=90=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/build_container.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build_container.yaml b/.github/workflows/build_container.yaml
index f345f42..6a632e3 100644
--- a/.github/workflows/build_container.yaml
+++ b/.github/workflows/build_container.yaml
@@ -88,16 +88,16 @@ jobs:
       # Provenance SBOM and attestation
       - name: Generate SBOM
         uses: anchore/sbom-action@v0
-        id: syft
         with:
           image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAGS }}
           registry-username: ${{ secrets.QUAY_USER }}
           registry-password: ${{ secrets.QUAY_TOKEN }}
           artifact-name: pet-battle-api.sbom
+          output-file: /tmp
 
       - name: Attach SBOM to image
         run: |
-          cosign attach sbom --sbom ${{ steps.syft.output-file }}/pet-battle-api.sbom \
+          cosign attach sbom --sbom /tmp/pet-battle-api.sbom \
             ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAGS }}
         env:
           COSIGN_PASSWORD: ""