mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-25 07:29:38 -05:00
deps: update actions/download-artifact action to v4 (#3096)
* deps: update actions/download-artifact action to v4 * Update slsa generator action to v2 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
parent
73d86c25df
commit
ed54277f78
10
.github/workflows/draft-release.yml
vendored
10
.github/workflows/draft-release.yml
vendored
@ -316,7 +316,7 @@ jobs:
|
||||
- provenance-subjects
|
||||
# This must not be pinned to digest. See:
|
||||
# https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
|
||||
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
|
||||
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
|
||||
with:
|
||||
base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}"
|
||||
|
||||
@ -345,9 +345,7 @@ jobs:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
- name: Download provenance
|
||||
# Need to use the same major version as slsa-github-generator to find uploaded artifacts
|
||||
# https://github.com/slsa-framework/slsa-github-generator/issues/3068
|
||||
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: ${{ needs.provenance.outputs.provenance-name }}
|
||||
|
||||
@ -430,9 +428,7 @@ jobs:
|
||||
name: constellation.spdx.sbom.sig
|
||||
|
||||
- name: Download Constellation provenance
|
||||
# Need to use the same major version as slsa-github-generator to find uploaded artifacts
|
||||
# https://github.com/slsa-framework/slsa-github-generator/issues/3068
|
||||
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: ${{ needs.provenance.outputs.provenance-name }}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user