actions/runner
1
0
Fork 0
mirror of https://github.com/actions/runner.git synced 2026-01-10 04:28:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Docker container provenance (#3736)

Browse Source
This commit is contained in:
Pavel Iakovenko
2025-03-10 20:45:37 +00:00
committed by GitHub
parent de51cd0ed6
commit a84e1c2b15
3 changed files with 10 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/release.yml vendored
View File

@@ -291,6 +291,8 @@ jobs:
permissions:
contents: read
packages: write
id-token: write
attestations: write
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository_owner }}/actions-runner
@@ -336,3 +338,10 @@ jobs:
org.opencontainers.image.source=${{github.server_url}}/${{github.repository}}
org.opencontainers.image.description=https://github.com/actions/runner/releases/tag/v${{ steps.image.outputs.version }}
org.opencontainers.image.licenses=MIT
- name: Generate attestation
uses: actions/attest-build-provenance@v2
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.build-and-push.outputs.digest }}
push-to-registry: true