TheArchive/restic
1
0
Fork 0
mirror of https://github.com/restic/restic.git synced 2025-03-13 07:00:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
restic/changelog/unreleased/issue-4983
Srigovind Nayak 144221b430
docker: add SLSA provenance to .github workflow 
* the id-token of the GitHub Actions workflow will be used for image signing
* replace branch-based tagging with SHA-based tagging since, branch names are mutable, SLSA provenance requires immutable tagging
* use official SLSA framework Github Reusable workflow

docker: fix incorrect registry name in image output step

* use REGISTRY environment variable instead of IMAGE_REGISTRY

docker: revert change to remove branch tag
2024-12-02 00:14:38 +05:30

8 lines
315 B
Plaintext
Raw Blame History

Enhancement: add SLSA provenance to the Docker images
Restic's Docker image build workflow now includes SLSA provenance generation.
This enhancement improves the security and traceability of the Docker images'
build process.
https://github.com/restic/restic/issues/4983
https://github.com/restic/restic/pull/4999
Reference in New Issue View Git Blame Copy Permalink