diff --git a/.github/workflows/build-latest.yml b/.github/workflows/build-latest.yml index b702fd05..5777950b 100644 --- a/.github/workflows/build-latest.yml +++ b/.github/workflows/build-latest.yml @@ -21,8 +21,16 @@ jobs: password: ${{secrets.GITHUB_TOKEN}} - name: Build and Push Docker image + id: push uses: docker/build-push-action@v6.9.0 with: context: . push: true - tags: ghcr.io/salopensource/sal:latest \ No newline at end of file + tags: ghcr.io/salopensource/sal:latest + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file diff --git a/.github/workflows/build-saml-latest.yml b/.github/workflows/build-saml-latest.yml index 30c72f81..29511b56 100644 --- a/.github/workflows/build-saml-latest.yml +++ b/.github/workflows/build-saml-latest.yml @@ -27,9 +27,17 @@ jobs: password: ${{secrets.GITHUB_TOKEN}} - name: Build and Push Docker image + id: push uses: docker/build-push-action@v6.9.0 with: context: saml file: saml/Dockerfile.pristine push: true - tags: ghcr.io/salopensource/sal-saml:latest \ No newline at end of file + tags: ghcr.io/salopensource/sal-saml:latest + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file diff --git a/.github/workflows/build-saml-tag.yml b/.github/workflows/build-saml-tag.yml index ecb0de6a..84235333 100644 --- a/.github/workflows/build-saml-tag.yml +++ b/.github/workflows/build-saml-tag.yml @@ -27,9 +27,17 @@ jobs: password: ${{secrets.GITHUB_TOKEN}} - name: Build and Push Docker image + id: push uses: docker/build-push-action@v6.9.0 with: context: saml push: true file: saml/Dockerfile.pristine - tags: ghcr.io/salopensource/sal-saml:${{ github.ref_name }} \ No newline at end of file + tags: ghcr.io/salopensource/sal-saml:${{ github.ref_name }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file diff --git a/.github/workflows/build-tag.yml b/.github/workflows/build-tag.yml index 7d53be4b..5e1a5655 100644 --- a/.github/workflows/build-tag.yml +++ b/.github/workflows/build-tag.yml @@ -21,8 +21,16 @@ jobs: password: ${{secrets.GITHUB_TOKEN}} - name: Build and Push Docker image + id: push uses: docker/build-push-action@v6.9.0 with: context: . push: true - tags: ghcr.io/salopensource/sal:${{ github.ref_name }} \ No newline at end of file + tags: ghcr.io/salopensource/sal:${{ github.ref_name }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file diff --git a/sal/version.plist b/sal/version.plist index d958fb77..5103ab0c 100644 --- a/sal/version.plist +++ b/sal/version.plist @@ -3,6 +3,6 @@ version - 4.3.0.2293 + 4.3.0.2294