docker/build-push-action
1
0
Fork 0
mirror of https://github.com/docker/build-push-action.git synced 2025-05-06 21:49:33 +02:00
Code Activity

add attests, provenance and sbom inputs

Browse source 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax 2023-01-11 12:12:09 +01:00
parent 472ccddef1
commit ed2672fc33
No known key found for this signature in database
GPG key ID: 3248E46B6BB8C7F7
4 changed files with 124 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

9
action.yml
View file

@ -13,6 +13,9 @@ inputs:
allow:
description: "List of extra privileged entitlement (e.g., network.host,security.insecure)"
required: false
attests:
description: "List of attestation parameters (e.g., type=sbom,generator=image)"
required: false
build-args:
description: "List of build-time variables"
required: false
@ -60,6 +63,9 @@ inputs:
platforms:
description: "List of target platforms for build"
required: false
provenance:
description: "Generate provenance attestation for the build (shorthand for --attest=type=provenance)"
required: false
pull:
description: "Always attempt to pull all referenced images"
required: false
@ -68,6 +74,9 @@ inputs:
description: "Push is a shorthand for --output=type=registry"
required: false
default: 'false'
sbom:
description: "Generate SBOM attestation for the build (shorthand for --attest=type=sbom)"
required: false
secrets:
description: "List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)"
required: false