From b3f802181077e5e9f294f58c3220cdecbe611c28 Mon Sep 17 00:00:00 2001 From: Krishna Manchikalapudi Date: Tue, 7 Oct 2025 09:25:44 -0700 Subject: [PATCH] github attestation fix with DOCKER_IMAGE_DIGEST --- .github/workflows/jf-cli.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/jf-cli.yml b/.github/workflows/jf-cli.yml index b39cca4f8..0ba75d06c 100755 --- a/.github/workflows/jf-cli.yml +++ b/.github/workflows/jf-cli.yml @@ -222,18 +222,19 @@ jobs: - name: "BuildInfo: Docker build create" run: | imageDigest=$(cat "${{env.DOCKER_METADATA_JSON}}" | jq '.["containerimage.digest"]') - echo "${imageDigest}" + echo "DOCKER_IMAGE_DIGEST: ${imageDigest}" + echo "${imageDigest}" > ${{env.DOCKER_IMAGE_DIGEST}} echo "${{env.RT_REPO_DOCKER_URL}}@${imageDigest}" > ${{env.DOCKER_METADATA_JSON}} jf rt bdc ${{env.RT_REPO_DOCKER_VIRTUAL}} --image-file ${{env.DOCKER_METADATA_JSON}} --build-name=${{env.BUILD_NAME}} --build-number=${{env.BUILD_ID}} - + - name: "Evidence: GitHub Attestation" uses: actions/attest-build-provenance@v3 with: subject-name: "oci://${{env.RT_REPO_DOCKER_URL}}" - subject-digest: "${{env.DOCKER_METADATA_JSON}}" # "${{steps.config-docker.outputs.digest}}" + subject-digest: "${{env.DOCKER_IMAGE_DIGEST}}" # "${{steps.config-docker.outputs.digest}}" - name: "BuildInfo: Build Publish"