Skip to content

feat: SLSA 3

feat: SLSA 3 #68

name: Build container image, sign it, and generate SBOMs
on:
workflow_call:
outputs:
digest:
description: "Container image digest"
value: ${{jobs.build.outputs.digest}}
push:
branches:
- "main"
- "feat-**"
permissions:
contents: read
jobs:
build:
uses: ./.github/workflows/container-image.yml
permissions:
packages: write
id-token: write
sbom:
needs:
- build
uses: ./.github/workflows/attestation.yml
permissions:
packages: write
id-token: write
with:
image-digest: ${{ needs.build.outputs.digest }}