Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Release v1.8.0-rc.2 #2513

Merged
merged 4 commits into from
Aug 2, 2023
Merged
Show file tree
Hide file tree
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/actions/generate-builder/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ runs:
using: "composite"
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: ${{ inputs.repository }}
ref: ${{ inputs.ref }}
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/secure-download-artifact/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ runs:

- name: Compute the hash
id: compute
uses: slsa-framework/slsa-github-generator/.github/actions/compute-sha256@main
uses: slsa-framework/slsa-github-generator/.github/actions/compute-sha256@v1.8.0-rc.2
with:
path: "${{ steps.validate-path.outputs.file_path }}"

Expand Down
4 changes: 2 additions & 2 deletions .github/actions/secure-download-folder/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ runs:
steps:
- name: Compute a random value
id: rng
uses: slsa-framework/slsa-github-generator/.github/actions/rng@main
uses: slsa-framework/slsa-github-generator/.github/actions/rng@v1.8.0-rc.2

- name: Download the artifact
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
Expand All @@ -41,7 +41,7 @@ runs:

- name: Compute the hash
id: compute
uses: slsa-framework/slsa-github-generator/.github/actions/compute-sha256@main
uses: slsa-framework/slsa-github-generator/.github/actions/compute-sha256@v1.8.0-rc.2
with:
path: "${{ steps.rng.outputs.random }}/folder.tgz"

Expand Down
2 changes: 1 addition & 1 deletion .github/actions/secure-upload-artifact/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ runs:
steps:
- name: Compute binary hash
id: compute-digest
uses: slsa-framework/slsa-github-generator/.github/actions/compute-sha256@main
uses: slsa-framework/slsa-github-generator/.github/actions/compute-sha256@v1.8.0-rc.2
with:
path: "${{ inputs.path }}"

Expand Down
2 changes: 1 addition & 1 deletion .github/actions/secure-upload-folder/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ runs:

- name: Upload the artifact
id: upload
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact@v1.8.0-rc.2
with:
name: "${{ inputs.name }}"
path: "${{ steps.create.outputs.tarball-path }}"
4 changes: 2 additions & 2 deletions .github/workflows/builder_bazel_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.8.0-rc.2
with:
slsa-workflow-recipient: "delegator_lowperms-generic_slsa3.yml"
slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
Expand All @@ -100,6 +100,6 @@ jobs:
id-token: write # For signing.
contents: read # For asset uploads.
actions: read # For the entrypoint.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@main
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@v1.8.0-rc.2
with:
slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
14 changes: 7 additions & 7 deletions .github/workflows/builder_container-based_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ jobs:
steps:
- name: Generate random 16-byte value (32-char hex encoded)
id: rng
uses: slsa-framework/slsa-github-generator/.github/actions/rng@main
uses: slsa-framework/slsa-github-generator/.github/actions/rng@v1.8.0-rc.2

# This detects the repository and ref of the reusable workflow.
# For pull request, this gets the referenced slsa-github-generator workflow.
Expand All @@ -180,7 +180,7 @@ jobs:
steps:
- name: Detect the builder ref
id: detect
uses: slsa-framework/slsa-github-generator/.github/actions/detect-workflow-js@main
uses: slsa-framework/slsa-github-generator/.github/actions/detect-workflow-js@v1.8.0-rc.2

###################################################################
# #
Expand All @@ -197,7 +197,7 @@ jobs:
steps:
- name: Generate builder binary
id: generate
uses: slsa-framework/slsa-github-generator/.github/actions/generate-builder@main
uses: slsa-framework/slsa-github-generator/.github/actions/generate-builder@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -230,7 +230,7 @@ jobs:
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -357,7 +357,7 @@ jobs:
docker login "${untrusted_registry}" -u "${username}" -p "${password}"

- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -485,7 +485,7 @@ jobs:
provenance-sha256: ${{ steps.upload-signed.outputs.sha256 }}
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -575,7 +575,7 @@ jobs:
if: inputs.upload-assets && (startsWith(github.ref, 'refs/tags/') || inputs.upload-tag-name != '')
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/builder_go_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ jobs:
steps:
- name: Generate random 16-byte value (32-char hex encoded)
id: rng
uses: slsa-framework/slsa-github-generator/.github/actions/rng@main
uses: slsa-framework/slsa-github-generator/.github/actions/rng@v1.8.0-rc.2

detect-env:
outputs:
Expand All @@ -142,7 +142,7 @@ jobs:
steps:
- name: Detect the builder ref
id: detect
uses: slsa-framework/slsa-github-generator/.github/actions/detect-workflow-js@main
uses: slsa-framework/slsa-github-generator/.github/actions/detect-workflow-js@v1.8.0-rc.2

###################################################################
# #
Expand All @@ -157,7 +157,7 @@ jobs:
steps:
- name: Generate builder binary
id: generate
uses: slsa-framework/slsa-github-generator/.github/actions/generate-builder@main
uses: slsa-framework/slsa-github-generator/.github/actions/generate-builder@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -191,7 +191,7 @@ jobs:
needs: [builder, rng, detect-env]
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -238,7 +238,7 @@ jobs:
needs: [builder, build-dry, rng, detect-env]
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -320,7 +320,7 @@ jobs:
go-provenance-sha256: ${{ steps.sign-prov.outputs.signed-provenance-sha256 }}
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down Expand Up @@ -378,7 +378,7 @@ jobs:
if: inputs.upload-assets && (startsWith(github.ref, 'refs/tags/') || inputs.upload-tag-name != '')
steps:
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: "${{ needs.detect-env.outputs.repository }}"
ref: "${{ needs.detect-env.outputs.ref }}"
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/builder_gradle_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.8.0-rc.2
with:
slsa-workflow-recipient: "delegator_lowperms-generic_slsa3.yml"
slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
Expand All @@ -73,7 +73,7 @@ jobs:
id-token: write # For signing.
contents: read # For asset uploads.
actions: read # For the entrypoint.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@main
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@v1.8.0-rc.2
with:
slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/builder_maven_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.8.0-rc.2
with:
slsa-workflow-recipient: "delegator_lowperms-generic_slsa3.yml"
slsa-rekor-log-public: "${{ inputs.rekor-log-public }}"
Expand All @@ -69,7 +69,7 @@ jobs:
id-token: write # For signing.
contents: read # For asset uploads.
actions: read # For the entrypoint.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@main
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@v1.8.0-rc.2
with:
slsa-token: "${{ needs.slsa-setup.outputs.slsa-token }}"

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/builder_nodejs_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ jobs:
steps:
- name: Generate the token
id: generate
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v1.8.0-rc.2
with:
slsa-workflow-recipient: "delegator_lowperms-generic_slsa3.yml"
slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
Expand All @@ -104,6 +104,6 @@ jobs:
id-token: write # For signing.
contents: read # For repo checkout of private repos.
actions: read # For getting workflow run on private repos.
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@main
uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@v1.8.0-rc.2
with:
slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
24 changes: 12 additions & 12 deletions .github/workflows/delegator_generic_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ jobs:
steps:
- name: Generate random 16-byte value (32-char hex encoded)
id: rng
uses: slsa-framework/slsa-github-generator/.github/actions/rng@main
uses: slsa-framework/slsa-github-generator/.github/actions/rng@v1.8.0-rc.2

# verify-token verifies the slsa token.
verify-token:
Expand All @@ -100,7 +100,7 @@ jobs:
steps:
- name: Verify token
id: verify
uses: slsa-framework/slsa-github-generator/.github/actions/verify-token@main
uses: slsa-framework/slsa-github-generator/.github/actions/verify-token@v1.8.0-rc.2
with:
slsa-workflow-recipient: "delegator_generic_slsa3.yml"
slsa-unverified-token: ${{ inputs.slsa-token }}
Expand All @@ -109,7 +109,7 @@ jobs:

- name: Upload predicate
id: upload
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact@v1.8.0-rc.2
with:
name: "${{ needs.rng.outputs.value }}-${{ env.SLSA_PREDICATE_FILE }}"
path: ${{ env.SLSA_PREDICATE_FILE }}
Expand All @@ -120,7 +120,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check private repos
uses: slsa-framework/slsa-github-generator/.github/actions/privacy-check@main
uses: slsa-framework/slsa-github-generator/.github/actions/privacy-check@v1.8.0-rc.2
with:
error_message: "Repository is private. The workflow has halted in order to keep the repository name from being exposed in the public transparency log. Set 'private-repository' to override."
override: ${{ fromJson(needs.verify-token.outputs.slsa-verified-token).builder.rekor_log_public }}
Expand All @@ -147,7 +147,7 @@ jobs:
echo "$RUNNER: $RUNNER"

- name: Checkout the tool repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@v1.8.0-rc.2
with:
repository: ${{ needs.verify-token.outputs.tool-repository }}
ref: ${{ needs.verify-token.outputs.tool-ref }}
Expand All @@ -171,7 +171,7 @@ jobs:
tree

- name: Checkout the project repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-project-checkout@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-project-checkout@v1.8.0-rc.2
with:
fetch-depth: ${{ fromJson(needs.verify-token.outputs.slsa-verified-token).source.checkout.fetch_depth }}
checkout-sha1: ${{ fromJson(needs.verify-token.outputs.slsa-verified-token).source.checkout.sha1 }}
Expand Down Expand Up @@ -213,7 +213,7 @@ jobs:

- name: Upload artifact layout file
id: upload
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact@v1.8.0-rc.2
with:
name: "${{ needs.rng.outputs.value }}-${{ env.SLSA_ARTIFACTS_FILE }}"
path: "${{ env.SLSA_ARTIFACTS_FILE }}"
Expand All @@ -229,14 +229,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Download the artifact layout file
uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@v1.8.0-rc.2
with:
name: "${{ needs.rng.outputs.value }}-${{ env.SLSA_ARTIFACTS_FILE }}"
path: "${{ env.SLSA_ARTIFACTS_FILE }}"
sha256: ${{ needs.build-artifacts-ubuntu.outputs.artifacts-layout-sha256 }}

- name: Download the predicate file
uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-download-artifact@v1.8.0-rc.2
with:
name: "${{ needs.rng.outputs.value }}-${{ env.SLSA_PREDICATE_FILE }}"
path: ${{ env.SLSA_PREDICATE_FILE }}
Expand Down Expand Up @@ -266,7 +266,7 @@ jobs:

- name: Generate attestations
id: attestations
uses: slsa-framework/slsa-github-generator/.github/actions/generate-attestations@main
uses: slsa-framework/slsa-github-generator/.github/actions/generate-attestations@v1.8.0-rc.2
with:
slsa-layout-file: ${{ env.SLSA_ARTIFACTS_FILE }}
predicate-type: ${{ steps.predicate-type.outputs.predicate-type }}
Expand All @@ -275,14 +275,14 @@ jobs:

- name: Sign attestations
id: sign
uses: slsa-framework/slsa-github-generator/.github/actions/sign-attestations@main
uses: slsa-framework/slsa-github-generator/.github/actions/sign-attestations@v1.8.0-rc.2
with:
attestations: attestations
output-folder: "${{ needs.rng.outputs.value }}-slsa-attestations"

- name: Upload attestations
id: upload
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-folder@main
uses: slsa-framework/slsa-github-generator/.github/actions/secure-upload-folder@v1.8.0-rc.2
with:
name: "${{ needs.rng.outputs.value }}-slsa-attestations"
path: "${{ needs.rng.outputs.value }}-slsa-attestations"
Expand Down
Loading
Loading