├── .editorconfig ├── .env.example ├── .github ├── bin │ └── test_provenance.sh ├── dependabot.yml ├── test_resource │ └── example_provenance.json └── workflows │ ├── ci.yaml │ ├── example-local.yaml │ └── example-publish.yaml ├── .gitignore ├── .goreleaser.draft.yml ├── .goreleaser.yml ├── .vscode ├── extensions.json └── settings.json ├── CODEOWNERS ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── RELEASE.md ├── action.yaml ├── cmd └── slsa-provenance │ ├── cli │ ├── commands.go │ ├── commands_test.go │ ├── common_test.go │ ├── container.go │ ├── container_test.go │ ├── files.go │ ├── files_test.go │ ├── generate.go │ ├── generate_test.go │ ├── github-release.go │ ├── github-release_test.go │ ├── options │ │ ├── files.go │ │ ├── generate.go │ │ ├── github-release.go │ │ ├── oci.go │ │ └── root.go │ ├── version.go │ └── version_test.go │ └── main.go ├── codecov.yaml ├── cosign.pub ├── go.mod ├── go.sum ├── install-slsa-provenance.sh ├── internal └── transport │ ├── transport.go │ └── transport_test.go ├── pkg ├── github │ ├── github.go │ ├── github_test.go │ ├── provenance.go │ ├── provenance_test.go │ ├── releases.go │ └── releases_test.go ├── intoto │ ├── intoto.go │ ├── intoto_test.go │ ├── materials.go │ ├── materials_test.go │ ├── subjects.go │ └── subjects_test.go └── oci │ ├── auth.go │ ├── subjects.go │ └── subjects_test.go └── test-data ├── materials-broken.not-json ├── materials-no-digest.json ├── materials-no-uri.json └── materials-valid.json /.editorconfig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.editorconfig -------------------------------------------------------------------------------- /.env.example: -------------------------------------------------------------------------------- 1 | GITHUB_TOKEN= 2 | -------------------------------------------------------------------------------- /.github/bin/test_provenance.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.github/bin/test_provenance.sh -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/test_resource/example_provenance.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.github/test_resource/example_provenance.json -------------------------------------------------------------------------------- /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.github/workflows/ci.yaml -------------------------------------------------------------------------------- /.github/workflows/example-local.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.github/workflows/example-local.yaml -------------------------------------------------------------------------------- /.github/workflows/example-publish.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.github/workflows/example-publish.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.gitignore -------------------------------------------------------------------------------- /.goreleaser.draft.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.goreleaser.draft.yml -------------------------------------------------------------------------------- /.goreleaser.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.goreleaser.yml -------------------------------------------------------------------------------- /.vscode/extensions.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/.vscode/extensions.json -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "go.testEnvFile": "${workspaceFolder}/.env" 3 | } 4 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/CODEOWNERS -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/README.md -------------------------------------------------------------------------------- /RELEASE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/RELEASE.md -------------------------------------------------------------------------------- /action.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/action.yaml -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/commands.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/commands.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/commands_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/commands_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/common_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/common_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/container.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/container.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/container_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/container_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/files.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/files.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/files_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/files_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/generate.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/generate.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/generate_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/generate_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/github-release.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/github-release.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/github-release_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/github-release_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/options/files.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/options/files.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/options/generate.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/options/generate.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/options/github-release.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/options/github-release.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/options/oci.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/options/oci.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/options/root.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/options/root.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/version.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/cli/version_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/cli/version_test.go -------------------------------------------------------------------------------- /cmd/slsa-provenance/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cmd/slsa-provenance/main.go -------------------------------------------------------------------------------- /codecov.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/codecov.yaml -------------------------------------------------------------------------------- /cosign.pub: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/cosign.pub -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/go.sum -------------------------------------------------------------------------------- /install-slsa-provenance.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/install-slsa-provenance.sh -------------------------------------------------------------------------------- /internal/transport/transport.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/internal/transport/transport.go -------------------------------------------------------------------------------- /internal/transport/transport_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/internal/transport/transport_test.go -------------------------------------------------------------------------------- /pkg/github/github.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/github/github.go -------------------------------------------------------------------------------- /pkg/github/github_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/github/github_test.go -------------------------------------------------------------------------------- /pkg/github/provenance.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/github/provenance.go -------------------------------------------------------------------------------- /pkg/github/provenance_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/github/provenance_test.go -------------------------------------------------------------------------------- /pkg/github/releases.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/github/releases.go -------------------------------------------------------------------------------- /pkg/github/releases_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/github/releases_test.go -------------------------------------------------------------------------------- /pkg/intoto/intoto.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/intoto/intoto.go -------------------------------------------------------------------------------- /pkg/intoto/intoto_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/intoto/intoto_test.go -------------------------------------------------------------------------------- /pkg/intoto/materials.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/intoto/materials.go -------------------------------------------------------------------------------- /pkg/intoto/materials_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/intoto/materials_test.go -------------------------------------------------------------------------------- /pkg/intoto/subjects.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/intoto/subjects.go -------------------------------------------------------------------------------- /pkg/intoto/subjects_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/intoto/subjects_test.go -------------------------------------------------------------------------------- /pkg/oci/auth.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/oci/auth.go -------------------------------------------------------------------------------- /pkg/oci/subjects.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/oci/subjects.go -------------------------------------------------------------------------------- /pkg/oci/subjects_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/pkg/oci/subjects_test.go -------------------------------------------------------------------------------- /test-data/materials-broken.not-json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/test-data/materials-broken.not-json -------------------------------------------------------------------------------- /test-data/materials-no-digest.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/test-data/materials-no-digest.json -------------------------------------------------------------------------------- /test-data/materials-no-uri.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/test-data/materials-no-uri.json -------------------------------------------------------------------------------- /test-data/materials-valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/philips-labs/slsa-provenance-action/HEAD/test-data/materials-valid.json --------------------------------------------------------------------------------