From 8eb64d9748ab281fc32889477fa5dd334e0ff9a9 Mon Sep 17 00:00:00 2001 From: Furkat Gofurov Date: Tue, 2 Apr 2024 17:44:01 +0300 Subject: [PATCH 1/2] Bump slsa-framework/slsa-github-generator to v1.10.0 Nightly release jobs failing due to the bug in the version of slsa-GH generator used (v1.9.0) and this patch updates it to new version Signed-off-by: Furkat Gofurov --- .github/workflows/release-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-workflow.yml b/.github/workflows/release-workflow.yml index 77fea369..6782ae74 100644 --- a/.github/workflows/release-workflow.yml +++ b/.github/workflows/release-workflow.yml @@ -99,7 +99,7 @@ jobs: actions: read id-token: write packages: write - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.9.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.10.0 with: digest: ${{ needs.build.outputs.digest }} image: ${{ format('{0}-{1}', vars[inputs.image], inputs.arch) }} From 2f35334d3fc9fea5c1348c309f16e35995059815 Mon Sep 17 00:00:00 2001 From: Furkat Gofurov Date: Tue, 2 Apr 2024 23:52:58 +0300 Subject: [PATCH 2/2] Bump sigstore/cosign-installer to latest Signed-off-by: Furkat Gofurov --- .github/workflows/release_sign/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release_sign/action.yaml b/.github/workflows/release_sign/action.yaml index f9f14039..58d2d6ac 100644 --- a/.github/workflows/release_sign/action.yaml +++ b/.github/workflows/release_sign/action.yaml @@ -43,7 +43,7 @@ runs: registry: ${{ inputs.registry }} username: ${{ inputs.username }} password: ${{ inputs.password }} - - uses: sigstore/cosign-installer@v3.1.2 + - uses: sigstore/cosign-installer@v3.4.0 - name: Sign manifests shell: bash env: