Skip to content

Commit

Permalink
chore: Revert "fix: remove attestation-name input and output" (#3399)
Browse files Browse the repository at this point in the history 
Reverts #3313
  • Loading branch information
@laurentsimon
laurentsimon committed Mar 21, 2024
1 parent 5c347c0 commit 2cf77fa
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 5 deletions.
13 changes: 13 additions & 0 deletions .github/workflows/generator_generic_slsa3.yml
View file
Expand Up @@ -56,6 +56,10 @@ on:
the assets.
type: string
default: ""
attestation-name:
description: "The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts. DEPRECATED: Use provenance-name instead."
required: false
type: string
provenance-name:
description: The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts.
required: false
Expand Down Expand Up @@ -94,6 +98,9 @@ on:
Note: This value is non-empty only when a release asset is uploaded, according to
the values of `upload-assets` and `upload-tag-name`.
value: ${{ jobs.upload-assets.outputs.release-id }}
attestation-name:
description: "DEPRECATED: use the provenance-name output instead."
value: ${{ jobs.generator.outputs.provenance-name }}
provenance-name:
description: "The artifact name of the signed provenance. (A file with the intoto.jsonl extension)."
value: ${{ jobs.generator.outputs.provenance-name }}
Expand Down Expand Up @@ -219,11 +226,17 @@ jobs:
env:
GITHUB_CONTEXT: "${{ toJSON(github) }}"
UNTRUSTED_PROVENANCE_NAME: "${{ inputs.provenance-name }}"
UNTRUSTED_DEPRECATED_ATTESTATION_NAME: "${{ inputs.attestation-name }}"
run: |
set -euo pipefail
untrusted_prov_name=""
if [ "$UNTRUSTED_PROVENANCE_NAME" != "" ]; then
untrusted_prov_name="$UNTRUSTED_PROVENANCE_NAME"
else
if [ "$UNTRUSTED_DEPRECATED_ATTESTATION_NAME" != "" ]; then
echo "WARNING: deprecated attestation-name was used. Use provenance-name instead."
untrusted_prov_name="$UNTRUSTED_DEPRECATED_ATTESTATION_NAME"
fi
fi
# Create and sign provenance.
# NOTE: The builder verifies that the provenance path is located
Expand Down
5 changes: 0 additions & 5 deletions CHANGELOG.md
View file
Expand Up @@ -10,7 +10,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
<!-- toc -->

- [Unreleased](#unreleased)
- [Unreleased: Breaking Change: attestation-name Workflow Input and Output](#unreleased-breaking-change-attestation-name-workflow-input-and-output)
- [Unreleased: Gradle Builder](#unreleased-gradle-builder)
- [Unreleased: Go Builder](#unreleased-go-builder)
- [Unreleased: Container Generator](#unreleased-container-generator)
Expand Down Expand Up @@ -100,10 +99,6 @@ duplication."

## Unreleased

### Unreleased: Breaking Change: attestation-name Workflow Input and Output

- `attestation-name` as a workflow input to `.github/workflows/generator_generic_slsa3.yml` is now removed. Use `provenance-name` instead.

### Unreleased: Gradle Builder

- The Gradle Builder was fixed when the project root is the same as the
Expand Down
2 changes: 2 additions & 0 deletions internal/builders/generic/README.md
View file
Expand Up @@ -266,6 +266,7 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b
| `upload-assets` | no | false | If true provenance is uploaded to a GitHub release for new tags. |
| `upload-tag-name` | no | | If specified and `upload-assets` is set to true, the provenance will be uploaded to a Github release identified by the tag-name regardless of the triggering event. |
| `provenance-name` | no | "(subject name).intoto.jsonl" if a single subject. "multiple.intoto.json" if multiple subjects. | The artifact name of the signed provenance. The file must have the `intoto.jsonl` extension. |
| `attestation-name` | no | "(subject name).intoto.jsonl" if a single subject. "multiple.intoto.json" if multiple subjects. | The artifact name of the signed provenance. The file must have the `intoto.jsonl` extension. DEPRECATED: use `provenance-name` instead. |
| `private-repository` | no | false | Set to true to opt-in to posting to the public transparency log. Will generate an error if false for private repositories. This input has no effect for public repositories. See [Private Repositories](#private-repositories). |
| `continue-on-error` | no | false | Set to true to ignore errors. This option is useful if you won't want a failure to fail your entire workflow. |
| `draft-release` | no | false | If true, the release is created as a draft |
Expand All @@ -277,6 +278,7 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b
| Name | Description |
| ------------------ | ----------------------------------------------------------------------------------------------- |
| `provenance-name` | The artifact name of the signed provenance. |
| `attestation-name` | The artifact name of the signed provenance. DEPRECATED: use `provenance-name` instead. |
| `outcome` | If `continue-on-error` is `true`, will contain the outcome of the run (`success` or `failure`). |

### Provenance Format
Expand Down

0 comments on commit 2cf77fa

Please sign in to comment.