From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Thu, 18 Jul 2024 11:56:45 +0000 (+0200)
Subject: Post provenance data to the public transparency log for private repos
X-Git-Tag: rec-5.2.0-alpha1~139^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F14504%2Fhead;p=thirdparty%2Fpdns.git

Post provenance data to the public transparency log for private repos

We are OK with making private repository names discoverable via the
public Rekor API server.
---

diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml
index d6b69a16c4..6ece22db86 100644
--- a/.github/workflows/build-packages.yml
+++ b/.github/workflows/build-packages.yml
@@ -195,6 +195,7 @@ jobs:
       base64-subjects: "${{ needs.build.outputs[format('pkghashes-{0}-{1}', matrix.os, matrix.architecture)] }}"
       upload-assets: false
       provenance-name: "${{ inputs.product }}-${{ needs.build.outputs.version }}-${{ matrix.os }}-${{ matrix.architecture }}.intoto.jsonl"
+      private-repository: true
 
   provenance-src:
     needs: build
@@ -208,6 +209,7 @@ jobs:
       base64-subjects: "${{ needs.build.outputs.srchashes }}"
       upload-assets: false
       provenance-name: "${{ inputs.product }}-${{ needs.build.outputs.version }}-src.intoto.jsonl"
+      private-repository: true
 
   upload-provenance:
     needs: [prepare, build, provenance-src, provenance-pkgs]