45
45
runs-on : ubuntu-latest
46
46
needs : ['path-filter', 'test-build']
47
47
outputs :
48
- hashes : ${{ steps.hash.outputs.hashes }}
48
+ hashes : ${{ steps.hash.outputs.hashes_lbox-clients }}
49
49
strategy :
50
50
fail-fast : false
51
51
matrix :
@@ -71,36 +71,24 @@ jobs:
71
71
- name : " Generate hashes"
72
72
id : hash
73
73
run : |
74
- cd dist && echo "hashes-${{matrix.package}}=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
74
+ cd dist && echo "hashes_${{ matrix.package }}=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
75
+ echo "hashes_${{ matrix.package }}=$(sha256sum * | base64 -w0)"
75
76
- uses : actions/upload-artifact@v4
76
77
with :
77
78
name : build-${{ matrix.package }}
78
79
path : ./dist
79
80
provenance_python :
80
- needs : [path-filter, build]
81
- runs-on : ubuntu-latest
82
- strategy :
83
- fail-fast : false
84
- matrix :
85
- include : ${{ fromJSON(needs.path-filter.outputs.package-matrix) }}
81
+ needs : [build]
86
82
permissions :
87
83
actions : read
88
84
contents : write
89
85
id-token : write # Needed to access the workflow's OIDC identity.
90
- steps :
91
- - name : Use hashes output
92
- id : use-hashes
93
- run : |
94
- HASH_VAR="hashes-${{ matrix.package }}"
95
- echo "HASH_VAR=$HASH_VAR" >> $GITHUB_ENV
96
- echo "Using hash: ${{ env.HASH_VAR }}"
97
- - uses : slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
98
- with :
99
- private-repository : true
100
- base64-subjects : " ${{ env.HASH_VAR }}"
101
- upload-assets : true
102
- upload-tag-name : v.6.0.0 # Tag from the initiation of the workflow
103
-
86
+ uses : slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
87
+ with :
88
+ base64-subjects : " ${{ needs.build.outputs.hashes }}"
89
+ upload-assets : true
90
+ upload-tag-name : v.6.0.0 # Tag from the initiation of the workflow
91
+
104
92
test-build :
105
93
needs : ['path-filter']
106
94
if : ${{ needs.path-filter.outputs.lbox == 'true' }}
0 commit comments