File tree Expand file tree Collapse file tree 1 file changed +6
-6
lines changed
Expand file tree Collapse file tree 1 file changed +6
-6
lines changed Original file line number Diff line number Diff line change @@ -129,9 +129,9 @@ jobs:
129129 dockerhub-provenance :
130130 needs : [release]
131131 permissions :
132- actions : read # To read the workflow path .
133- id-token : write # To sign the provenance .
134- contents : write # To add assets to the release .
132+ actions : read # for detecting the Github Actions environment .
133+ id-token : write # for creating OIDC tokens for signing .
134+ packages : write # for uploading attestations .
135135 uses :
slsa-framework/slsa-github-generator/.github/workflows/[email protected] 136136 with :
137137 image : ${{ needs.release.outputs.image_url }}
@@ -143,9 +143,9 @@ jobs:
143143 ghcr-provenance :
144144 needs : [release]
145145 permissions :
146- actions : read # To read the workflow path .
147- id-token : write # To sign the provenance .
148- contents : write # To add assets to the release .
146+ actions : read # for detecting the Github Actions environment .
147+ id-token : write # for creating OIDC tokens for signing .
148+ packages : write # for uploading attestations .
149149 uses :
slsa-framework/slsa-github-generator/.github/workflows/[email protected] 150150 with :
151151 image : ghcr.io/${{ needs.release.outputs.image_url }}
You can’t perform that action at this time.
0 commit comments