github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-05-22 01:02:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: pin slsa provenance workflow (#1903)

Browse Source 
Signed-off-by: Akash Kumar <meakash7902@gmail.com>
This commit is contained in:
Akash Kumar
2026-05-18 16:33:51 +05:30
committed by GitHub
parent 859aa0360b
commit 77e7532016
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/docker-publish.yml vendored
View File

@@ -60,7 +60,7 @@ jobs:
id-token: write # To sign the provenance.
packages: write # To upload assets to release.
actions: read # To read the workflow path.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@f7dd8c54c2067bafc12ca7a55595d5ee9b75204a # v2.1.0
with:
image: ghcr.io/${{ github.repository_owner }}/capsule
digest: "${{ needs.publish-images.outputs.capsule-digest }}"

2
.github/workflows/helm-publish.yml vendored
View File

@@ -73,7 +73,7 @@ jobs:
id-token: write # To sign the provenance.
packages: write # To upload assets to release.
actions: read # To read the workflow path.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@f7dd8c54c2067bafc12ca7a55595d5ee9b75204a # v2.1.0
with:
image: ghcr.io/${{ github.repository_owner }}/charts/capsule
digest: "${{ needs.publish-helm-oci.outputs.chart-digest }}"