diff --git a/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml index ec87111fbf..2879cbccb9 100644 --- a/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.create.main.checkout.slsa3.yml @@ -66,7 +66,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0 with: artifact: my-artifact filename: delegator/e2e.delegator-generic.workflow_dispatch.main.checkout/build.txt @@ -85,7 +85,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -95,7 +95,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml index 7dde2a7f56..1ca32bb7b8 100644 --- a/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.create.main.default.slsa3.yml @@ -59,7 +59,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -75,7 +75,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -85,7 +85,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml index 762f0a9111..4276606271 100644 --- a/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.push.main.default.slsa3.yml @@ -59,7 +59,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -75,7 +75,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -85,7 +85,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml index a93279fd12..8e2f1f6505 100644 --- a/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.release.main.checkout.slsa3.yml @@ -67,7 +67,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0 with: artifact: my-artifact # NOTE: we re-use the same build.txt from other tests. @@ -87,7 +87,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -97,7 +97,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml index 29a5228223..8c0d6fe309 100644 --- a/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.release.main.default.slsa3.yml @@ -60,7 +60,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -76,7 +76,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -86,7 +86,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml index c22a69efa6..ec8c8fde4c 100644 --- a/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml @@ -61,7 +61,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -77,7 +77,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -87,7 +87,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml index 3c3f3e6bad..824007e0f8 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.checkout.slsa3.yml @@ -69,7 +69,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0 with: artifact: my-artifact filename: delegator/e2e.delegator-generic.workflow_dispatch.branch1.checkout/build.txt @@ -88,7 +88,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -98,7 +98,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml index 9d4c5b1366..e75b739a1a 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.branch1.default.slsa3.yml @@ -61,7 +61,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -77,7 +77,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -87,7 +87,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml index 319f4dec0d..cf4330c289 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.checkout.slsa3.yml @@ -68,7 +68,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0 with: artifact: my-artifact filename: delegator/e2e.delegator-generic.workflow_dispatch.main.checkout/build.txt @@ -87,7 +87,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms-checkout/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -97,7 +97,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml index d87d69d118..412e84632e 100644 --- a/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-generic.workflow_dispatch.main.default.slsa3.yml @@ -61,7 +61,7 @@ jobs: contents: write # For asset uploads packages: write # To write to github packages actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -77,7 +77,7 @@ jobs: - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: "${{ needs.build.outputs.artifact }}" # NOTE: This is 'my-artifact'. - - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/high-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -87,7 +87,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml index 99c3e27b3a..599ffb5fd9 100644 --- a/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.create.main.default.slsa3.yml @@ -58,7 +58,7 @@ jobs: id-token: write # For signing contents: write # For asset uploads actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -76,7 +76,7 @@ jobs: name: "${{ needs.build.outputs.artifact-download-name }}" # NOTE: This is randomized 'my-artifact'. sha256: "${{ needs.build.outputs.artifact-download-sha256 }}" path: "." - - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -92,7 +92,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml index 9742c32899..eb8da48f69 100644 --- a/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.push.main.default.slsa3.yml @@ -56,7 +56,7 @@ jobs: id-token: write # For signing contents: write # For asset uploads actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -74,7 +74,7 @@ jobs: name: "${{ needs.build.outputs.artifact-download-name }}" # NOTE: This is randomized 'my-artifact'. sha256: "${{ needs.build.outputs.artifact-download-sha256 }}" path: "." - - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -90,7 +90,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml index 04d934d835..15f692d966 100644 --- a/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.release.main.default.slsa3.yml @@ -59,7 +59,7 @@ jobs: id-token: write # For signing contents: write # For asset uploads actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -77,7 +77,7 @@ jobs: name: "${{ needs.build.outputs.artifact-download-name }}" # NOTE: This is randomized 'my-artifact'. sha256: "${{ needs.build.outputs.artifact-download-sha256 }}" path: "." - - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -93,7 +93,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml index ef8999a57a..4ab6ea4a0a 100644 --- a/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.tag.main.default.slsa3.yml @@ -60,7 +60,7 @@ jobs: id-token: write # For signing contents: write # For asset uploads actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_generic_slsa3" @@ -78,7 +78,7 @@ jobs: name: "${{ needs.build.outputs.artifact-download-name }}" # NOTE: This is randomized 'my-artifact'. sha256: "${{ needs.build.outputs.artifact-download-sha256 }}" path: "." - - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -94,7 +94,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: diff --git a/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml b/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml index f17dab1458..0197486651 100644 --- a/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml +++ b/.github/workflows/e2e.delegator-lowperms.workflow_dispatch.main.default.slsa3.yml @@ -60,7 +60,7 @@ jobs: id-token: write # For signing contents: write # For asset uploads actions: read - uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1 + uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0 with: artifact: my-artifact content: "hello world delegator_lowperms_slsa3" @@ -78,7 +78,7 @@ jobs: name: "${{ needs.build.outputs.artifact-download-name }}" # NOTE: This is randomized 'my-artifact'. sha256: "${{ needs.build.outputs.artifact-download-sha256 }}" path: "." - - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v0.0.1 + - uses: slsa-framework/example-trw/low-perms/actions/download/attestation@v1.11.0 with: name: "${{ needs.build.outputs.provenance-download-name }}" sha256: "${{ needs.build.outputs.provenance-download-sha256 }}" @@ -94,7 +94,7 @@ jobs: - env: BINARY: "${{ needs.build.outputs.artifact }}" PROVENANCE: "${{ needs.build.outputs.provenance-download-name }}/${{ needs.build.outputs.artifact }}.build.slsa" # This is defined by the builder. - BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v0.0.1" + BUILDER_ID: "https://github.com/slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v1.11.0" run: ./.github/workflows/scripts/e2e.delegator.default.verify.sh if-succeeded: