From fb68308e305840e404250496b04479321176463b Mon Sep 17 00:00:00 2001 From: Daniel Liszka Date: Tue, 3 Oct 2023 18:49:55 +0200 Subject: [PATCH] Start sending artifacts and metadata to Chainloop to to meet SecOps requirements (#1) * Adding Chainloop * Meet requirements enforced by the SecOps team and provide information about built binary * Use the latest Github Action actions/setup-java@v3 --------- Signed-off-by: Daniel Liszka --- .chainloop.yml | 3 +++ .github/workflows/maven-build.yml | 18 +++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/.chainloop.yml b/.chainloop.yml
index e69de29bb..a32046bbb 100644
--- a/.chainloop.yml
+++ b/.chainloop.yml
@@ -0,0 +1,3 @@
+attestation:
+ - name: binary
+ path: artifacts/spring-petclinic-*.jar
diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index 5de223fc6..81f54afca 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -20,10 +20,26 @@ jobs:
 steps:
 - uses: actions/checkout@v3
 - name: Set up JDK ${{matrix.java}}
- uses: actions/setup-java@v2
+ uses: actions/setup-java@v3
 with:
 java-version: ${{matrix.java}}
 distribution: 'adopt'
 cache: maven
 - name: Build with Maven Wrapper
 run: ./mvnw -B package
+
+ - uses: actions/upload-artifact@v3
+ with:
+ name: artifacts
+ path: target/*.jar
+
+ chainloop:
+ name: Chainloop
+ uses: chainloop-dev/labs/.github/workflows/chainloop.yml@a75dff2ef342a1e5c5e1ec5c42fb99f3d1bc03cb
+ needs: build
+ # with:
+ # contract_revision: 3
+ secrets:
+ api_token: ${{ secrets.CHAINLOOP_ROBOT_ACCOUNT }}
+ signing_key: ${{ secrets.PRIVATE_KEY }}
+ signing_key_password: ${{ secrets.PRIVATE_KEY_PASSWORD }}
\ No newline at end of file
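Review bot: The attested material is selected by the glob `artifacts/spring-petclinic-*.jar`, which leaves the attested file implicit: if more than one matching jar ends up in that directory, which one is recorded depends on behaviour that is not visible in this file. The path also appears to depend on the upload step in `maven-build.yml` publishing under the name `artifacts`; a comment above the entry such as `# downloaded from the "artifacts" upload in .github/workflows/maven-build.yml` would keep the two files in step. If the build can emit a single known file name, naming it exactly is preferable to the wildcard.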
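Review bot: The new upload step runs in every leg of the build matrix (the job uses `${{matrix.java}}`) but always uploads under the fixed name `artifacts`, so with upload-artifact v3 the legs write into the same artifact and the jar that the `chainloop` job later attests is whichever leg wrote last. Restricting the upload to one leg, e.g. `if: matrix.java == '<attested-java-version>'` (placeholder; the matrix values are outside this hunk), makes the attested binary deterministic, and `if-no-files-found: error` under `with:` would fail the build instead of leaving nothing to attest. The reusable workflow that receives the signing key is pinned to a commit SHA, while `actions/upload-artifact@v3` on the same path is a mutable tag; pinning it the same way (`actions/upload-artifact@<full-commit-sha> # v3`) would be consistent. The `build` job starts above the hunk, so its matrix, triggers and any `permissions:` block are not visible here.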