mirror of
https://github.com/spring-projects/spring-petclinic.git
synced 2025-07-22 15:55:49 +00:00
chore(demo): add chainloop
Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>
This commit is contained in:
Miguel Martinez Trivino
parent
c9825f7f7f
commit
fb7d7c646f
2 changed files with 15 additions and 1 deletions
2
.chainloop.yml
Normal file
2
.chainloop.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
# defines files to be added to the attestation
|
||||
attestation: {}
|
||||
14
.github/workflows/maven-build.yml
vendored
14
.github/workflows/maven-build.yml
vendored
|
|
@ -36,7 +36,7 @@ jobs:
|
|||
|
||||
collect-metadata:
|
||||
runs-on: ubuntu-latest
|
||||
name: "Security and Compliance Checks"
|
||||
name: Generate metadata
|
||||
needs: build
|
||||
steps:
|
||||
- name: Download all workflow run artifacts
|
||||
|
|
@ -57,3 +57,15 @@ jobs:
|
|||
with:
|
||||
name: metadata
|
||||
path: metadata/*
|
||||
|
||||
# Send metadata to Chainloop
|
||||
chainloop:
|
||||
name: Chainloop
|
||||
uses: chainloop-dev/labs/.github/workflows/chainloop.yml@a75dff2ef342a1e5c5e1ec5c42fb99f3d1bc03cb
|
||||
needs: collect-metadata
|
||||
# with:
|
||||
# contract_revision: 3
|
||||
secrets:
|
||||
api_token: ${{ secrets.CHAINLOOP_ROBOT_ACCOUNT }}
|
||||
signing_key: ${{ secrets.PRIVATE_KEY }}
|
||||
signing_key_password: ${{ secrets.PRIVATE_KEY_PASSWORD }}
|
||||
Loading…
Reference in a new issue