From fc5b73eac1e3130f0b1647213bc56b455b9d85ef Mon Sep 17 00:00:00 2001 From: Ian Lewis Date: Mon, 25 Jul 2022 23:21:08 +0000 Subject: [PATCH] Update buildType of generic generator --- .../scripts/pre-submit.e2e.generic.default.sh | 2 +- internal/builders/container/README.md | 10 +++++----- internal/builders/generic/README.md | 10 +++++----- internal/builders/generic/attest.go | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/scripts/pre-submit.e2e.generic.default.sh b/.github/workflows/scripts/pre-submit.e2e.generic.default.sh index ad6f276082..377753e818 100755 --- a/.github/workflows/scripts/pre-submit.e2e.generic.default.sh +++ b/.github/workflows/scripts/pre-submit.e2e.generic.default.sh @@ -25,4 +25,4 @@ ATTESTATION=$(cat "$PROVENANCE") e2e_verify_common_all "$ATTESTATION" e2e_verify_predicate_subject_name "$ATTESTATION" "$BINARY" -e2e_verify_predicate_buildType "$ATTESTATION" "https://github.com/slsa-framework/slsa-github-generator@v1" +e2e_verify_predicate_buildType "$ATTESTATION" "https://github.com/slsa-framework/slsa-github-generator/generic@v1" diff --git a/internal/builders/container/README.md b/internal/builders/container/README.md index 4b08bac1de..dc69cb7602 100644 --- a/internal/builders/container/README.md +++ b/internal/builders/container/README.md @@ -183,10 +183,10 @@ Secrets: The project generates SLSA provenance with the following values. -| Name | Value | Description | -| ---------------------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `buildType` | `"https://github.com/slsa-framework/slsa-github-generator@v1"` | Identifies a generic GitHub Actions build. | -| `metadata.buildInvocationID` | `"[run_id]-[run_attempt]"` | The GitHub Actions [`run_id`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context) does not update when a workflow is re-run. Run attempt is added to make the build invocation ID unique. | +| Name | Value | Description | +| ---------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `buildType` | `"https://github.com/slsa-framework/slsa-github-generator/generic@v1"` | Identifies a generic GitHub Actions build. | +| `metadata.buildInvocationID` | `"[run_id]-[run_attempt]"` | The GitHub Actions [`run_id`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context) does not update when a workflow is re-run. Run attempt is added to make the build invocation ID unique. | ### Provenance Example @@ -209,7 +209,7 @@ generated as an [in-toto](https://in-toto.io/) statement with a SLSA predicate. "builder": { "id": "https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v1.1.1" }, - "buildType": "https://github.com/slsa-framework/slsa-github-generator@v1", + "buildType": "https://github.com/slsa-framework/slsa-github-generator/generic@v1", "invocation": { "configSource": { "uri": "git+https://github.com/ianlewis/actions-test@refs/heads/main.git", diff --git a/internal/builders/generic/README.md b/internal/builders/generic/README.md index 7e4ecd29ae..9cc15d35c0 100644 --- a/internal/builders/generic/README.md +++ b/internal/builders/generic/README.md @@ -208,10 +208,10 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b The project generates SLSA provenance with the following values. -| Name | Value | Description | -| ---------------------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `buildType` | `"https://github.com/slsa-framework/slsa-github-generator@v1"` | Identifies a generic GitHub Actions build. | -| `metadata.buildInvocationID` | `"[run_id]-[run_attempt]"` | The GitHub Actions [`run_id`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context) does not update when a workflow is re-run. Run attempt is added to make the build invocation ID unique. | +| Name | Value | Description | +| ---------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `buildType` | `"https://github.com/slsa-framework/slsa-github-generator/generic@v1"` | Identifies a generic GitHub Actions build. | +| `metadata.buildInvocationID` | `"[run_id]-[run_attempt]"` | The GitHub Actions [`run_id`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context) does not update when a workflow is re-run. Run attempt is added to make the build invocation ID unique. | ### Provenance Example @@ -234,7 +234,7 @@ generated as an [in-toto](https://in-toto.io/) statement with a SLSA predicate. "builder": { "id": "https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.2.0" }, - "buildType": "https://github.com/slsa-framework/slsa-github-generator@v1", + "buildType": "https://github.com/slsa-framework/slsa-github-generator/generic@v1", "invocation": { "configSource": { "uri": "git+https://github.com/ianlewis/actions-test@refs/heads/main.git", diff --git a/internal/builders/generic/attest.go b/internal/builders/generic/attest.go index 369803fdd5..536ea749dc 100644 --- a/internal/builders/generic/attest.go +++ b/internal/builders/generic/attest.go @@ -44,7 +44,7 @@ var ( wsSplit = regexp.MustCompile(`[\t ]`) // provenanceOnlyBuildType is the URI for provenance only SLSA generation. - provenanceOnlyBuildType = "https://github.com/slsa-framework/slsa-github-generator@v1" + provenanceOnlyBuildType = "https://github.com/slsa-framework/slsa-github-generator/generic@v1" ) // errBase64 indicates a base64 error in the subject.