From 25097a879c24e6967a31e960f24a7e4eb7b50bc0 Mon Sep 17 00:00:00 2001 From: Jeroen Knoops Date: Fri, 2 Dec 2022 14:54:32 +0100 Subject: [PATCH] Add Actionpath and Job to Entrypoint Closes: #226 Signed-off-by: Jeroen Knoops --- pkg/github/provenance.go | 2 +- pkg/github/provenance_test.go | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pkg/github/provenance.go b/pkg/github/provenance.go index 566688c9..cc5384bb 100644 --- a/pkg/github/provenance.go +++ b/pkg/github/provenance.go @@ -37,7 +37,7 @@ func (e *Environment) GenerateProvenanceStatement(ctx context.Context, subjecter // See https://github.com/github/feedback/discussions/4188 intoto.WithInvocation( BuildType, - e.Context.Workflow, + fmt.Sprintf("%s:%s", e.Context.ActionPath, e.Context.Job), nil, event.Inputs, []intoto.Item{ diff --git a/pkg/github/provenance_test.go b/pkg/github/provenance_test.go index 929f02c0..5e370358 100644 --- a/pkg/github/provenance_test.go +++ b/pkg/github/provenance_test.go @@ -241,6 +241,8 @@ func TestGenerateProvenance(t *testing.T) { Repository: "philips-labs/slsa-provenance-action", Event: []byte(pushGitHubEvent), EventName: "push", + ActionPath: ".github/workflows/build.yml", + Job: "job-context", SHA: "849fb987efc0c0fc72e26a38f63f0c00225132be", } materials := []intoto.Item{ @@ -299,6 +301,8 @@ func TestGenerateProvenanceFromGitHubRelease(t *testing.T) { Repository: "philips-labs/slsa-provenance-action", Event: []byte(pushGitHubEvent), EventName: "push", + ActionPath: ".github/workflows/build.yml", + Job: "job-context", SHA: "849fb987efc0c0fc72e26a38f63f0c00225132be", } materials := []intoto.Item{ @@ -402,7 +406,7 @@ func TestGenerateProvenanceFromGitHubReleaseErrors(t *testing.T) { } func assertInvocation(assert *assert.Assertions, recipe intoto.Invocation) { - assert.Equal("", recipe.ConfigSource.EntryPoint) + assert.Equal(".github/workflows/build.yml:job-context", recipe.ConfigSource.EntryPoint) assert.Nil(recipe.Environment) assert.Nil(recipe.Parameters) }