-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathpolicy.cue
More file actions
18 lines (16 loc) · 733 Bytes
/
Copy pathpolicy.cue
File metadata and controls
18 lines (16 loc) · 733 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
// The predicateType field must match this string
predicateType: "https://slsa.dev/provenance/v0.2"
predicate: {
// This condition verifies that the builder is the builder we expect and trust.
builder: {
id: =~"^https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v[0-9]+.[0-9]+.[0-9]+$"
}
invocation: {
configSource: {
// This condition verifies the entrypoint of the workflow.
entryPoint: ".github/workflows/release.yml"
// This condition verifies that the image was generated from the source repository we expect.
uri: =~"^git\\+https://github.com/janfuhrer/podsalsa@refs/tags/v[0-9]+.[0-9]+.[0-9]+(-rc.[0-9]+)?$"
}
}
}