github.com/yogeshkumararora/slsa-github-generator@v1.10.1-0.20240520161934-11278bd5afb4/actions/delegator/setup-generic/action.yml

github.com/yogeshkumararora/slsa-github-generator@v1.10.1-0.20240520161934-11278bd5afb4/actions/delegator/setup-generic/action.yml (about)

     1  # Copyright 2023 SLSA Authors
     2  #
     3  # Licensed under the Apache License, Version 2.0 (the "License");
     4  # you may not use this file except in compliance with the License.
     5  # You may obtain a copy of the License at
     6  #
     7  #      http://www.apache.org/licenses/LICENSE-2.0
     8  #
     9  # Unless required by applicable law or agreed to in writing, software
    10  # distributed under the License is distributed on an "AS IS" BASIS,
    11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  # See the License for the specific language governing permissions and
    13  # limitations under the License.
    14  
    15  name: generic setup
    16  
    17  description: "Create a SLSA token for the delegated generic workflows"
    18  
    19  inputs:
    20    slsa-version:
    21      description: "The version of SLSA provenance format to output."
    22      required: false
    23      default: "v1.0"
    24  
    25    slsa-workflow-recipient:
    26      description: >
    27        The workflow filename that this token is intended for.
    28  
    29        Example: delegator_generic_slsa3.yml
    30      type: string
    31      required: true
    32  
    33    slsa-rekor-log-public:
    34      description: "If true, private repositories can post to the public transparency log."
    35      required: false
    36      type: boolean
    37      default: false
    38  
    39    slsa-build-action-path:
    40      description: >
    41        The action path to invoke, from the root of the repository where this action is invoked
    42        Example: ./actions/build-artifacts'
    43      type: string
    44      required: true
    45  
    46    slsa-checkout-sha1:
    47      description: "The git commit to checkout the repository."
    48      required: false
    49  
    50    slsa-runner-label:
    51      description: >
    52        The runner label to run the callback Action (`slsa-build-action-path`) on.
    53      type: choice
    54      options:
    55        - ubuntu-latest
    56      required: true
    57  
    58    slsa-checkout-fetch-depth:
    59      # Same argument to https://github.com/actions/checkout.
    60      description: "Number of commits to fetch. 0 indicates all history for all branches and tags."
    61      required: false
    62      default: 1
    63  
    64    slsa-workflow-inputs:
    65      description: >
    66        A JSON object containing the inputs to the Tool Reusable Workflow (TRW).
    67        The inputs will be recorded in the provenance as the builder's inputs and
    68        passed to the tool's build Action.
    69  
    70        Note: The TRW is the reusable workflow calling this Action.
    71      type: string
    72      required: true
    73  
    74    slsa-workflow-masked-inputs:
    75      description: >
    76        A comma-separated list of input fields to mask in the provenance.
    77        It should be used for fields that have low-entropy values
    78        but need to be kept private. The masking will replace
    79        the value of the fields with '***'. Use this option to mask
    80        usernames, emails or other PII inputs.
    81  
    82        Example: field1, field2, field3
    83      type: string
    84      required: false
    85  
    86  outputs:
    87    slsa-token:
    88      description: "SLSA token"
    89  
    90  runs:
    91    using: "node20"
    92    main: "dist/index.js"