rename all to .build.slsa

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
slsa-framework · Aug 7, 2024 · c8a9a5f · c8a9a5f
1 parent e10f792
commit c8a9a5f
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 5 deletions.
diff --git a/.github/workflows/builder_generic_slsa3.yml b/.github/workflows/builder_generic_slsa3.yml
@@ -30,8 +30,8 @@ on:
         type: string
 
       provenance-name:
-        description: The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts.
-        required: false
+        description: The artifact name of the signed provenance. The file must have the build.slsa extension.
+        required: true
         type: string
 
       rekor-log-public:

diff --git a/.github/workflows/debug.generic-generator.yml b/.github/workflows/debug.generic-generator.yml
@@ -111,7 +111,7 @@ jobs:
     uses: ./.github/workflows/builder_generic_slsa3.yml
     with:
       base64-subjects: "${{ needs.build.outputs.hashes }}"
-      provenance-name: my-debug-prov.intoto.jsonl
+      provenance-name: my-debug-prov.build.slsa
       rekor-log-public: true
 
   verify2:

diff --git a/internal/builders/generic_generator/main.go b/internal/builders/generic_generator/main.go
@@ -26,10 +26,14 @@ type Subject struct {
 func main() {
 	base64Subjects := flag.String("base64-subjects", "", "a base64-encoded list of subjects")
 	base64SubjectsFile := flag.String("base64-subjects-file", "", "file with a base64-encoded list of subjects")
-	provenanceName := flag.String("provenance-name", "", "name of the provenance")
+	provenanceName := flag.String("provenance-name", "", "name of the provenance, including the .build.slsa suffix")
 	outputFile := flag.String("output-file", "", "outfile to write the SLSA layout to")
 	flag.Parse()
 
+	if !strings.HasSuffix(*provenanceName, ".build.slsa") {
+		log.Fatalf("provenance name must have the .build.slsa suffix: %s", *provenanceName)
+	}
+
 	var base64Content string
 	if *base64Subjects != "" {
 		base64Content = *base64Subjects
@@ -49,7 +53,7 @@ func main() {
 	}
 
 	attestation := Attestation{
-		Name: strings.TrimSuffix(*provenanceName, ".intoto.jsonl"),
+		Name: strings.TrimSuffix(*provenanceName, ".build.slsa"),
 	}
 	layout := SLSALayout{
 		Version:      1,