extern/hishtory
1
0
Fork 0
mirror of https://github.com/ddworken/hishtory.git synced 2025-08-19 03:06:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update slsa validation to not validate version when running in github actions, since the one in actions isn't associated with a released version

Browse Source
This commit is contained in:
David Dworken
2023-11-05 01:15:54 -07:00
parent c3c74970b0
commit c918bcd3cb
3 changed files with 12 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
client/lib/slsa.go
View File

@@ -17,10 +17,12 @@ import (
func verify(ctx context.Context, provenance []byte, artifactHash, source, branch, versionTag string) error {
provenanceOpts := &options.ProvenanceOpts{
ExpectedSourceURI: source,
ExpectedBranch: &branch,
ExpectedDigest: artifactHash,
ExpectedVersionedTag: &versionTag,
ExpectedSourceURI: source,
ExpectedBranch: &branch,
ExpectedDigest: artifactHash,
}
if versionTag != "" {
provenanceOpts.ExpectedVersionedTag = &versionTag
}
builderOpts := &options.BuilderOpts{}
_, _, err := verifiers.Verify(ctx, provenance, artifactHash, provenanceOpts, builderOpts)