karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6183 from karmada-io/dependabot/github_actions/slsa-framework/slsa-github-generator-2.1.0 

build(deps): bump slsa-framework/slsa-github-generator from 2.0.0 to 2.1.0
This commit is contained in:
karmada-bot 2025-03-03 17:35:25 +08:00 committed by GitHub
parent 925d6c5732 8ac876ae93
commit 824bd8d3e0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/release.yml vendored
View File

@ -71,7 +71,7 @@ jobs:
id-token: write # Needed for provenance signing and ID id-token: write # Needed for provenance signing and ID
contents: write # Needed for release uploads contents: write # Needed for release uploads
# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator # Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
with: with:
base64-subjects: "${{ needs.generate-subject-for-cli-provenance.outputs.hashes }}" base64-subjects: "${{ needs.generate-subject-for-cli-provenance.outputs.hashes }}"
provenance-name: "karmada-cli.intoto.jsonl" provenance-name: "karmada-cli.intoto.jsonl"
@ -113,7 +113,7 @@ jobs:
id-token: write # Needed for provenance signing and ID id-token: write # Needed for provenance signing and ID
contents: write # Needed for release uploads contents: write # Needed for release uploads
# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator # Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
with: with:
base64-subjects: "${{ needs.release-crds-assests.outputs.hashes }}" base64-subjects: "${{ needs.release-crds-assests.outputs.hashes }}"
provenance-name: "karmada-crds.intoto.jsonl" provenance-name: "karmada-crds.intoto.jsonl"
@ -152,7 +152,7 @@ jobs:
id-token: write # Needed for provenance signing and ID id-token: write # Needed for provenance signing and ID
contents: write # Needed for release uploads contents: write # Needed for release uploads
# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator # Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
with: with:
base64-subjects: "${{ needs.release-charts.outputs.hashes }}" base64-subjects: "${{ needs.release-charts.outputs.hashes }}"
provenance-name: "karmada-charts.intoto.jsonl" provenance-name: "karmada-charts.intoto.jsonl"
@ -195,7 +195,7 @@ jobs:
id-token: write # Needed for provenance signing and ID id-token: write # Needed for provenance signing and ID
contents: write # Needed for release uploads contents: write # Needed for release uploads
# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator # Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
with: with:
base64-subjects: "${{ needs.sbom-assests.outputs.hashes }}" base64-subjects: "${{ needs.sbom-assests.outputs.hashes }}"
provenance-name: "karmada-sbom.intoto.jsonl" provenance-name: "karmada-sbom.intoto.jsonl"