github-actions-demo
github-actions-demo copied to clipboard
slsa-framework
Generating provenance file, path not found error
More guidance on how to integrate the action is required. We have an action to build a docker container:
name: Docker Image CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build the Docker image
run: docker build . --file a10rest/Dockerfile.local --tag a10rest:$(date +%s)
- uses: slsa-framework/[email protected]
with:
artifact_path: /a10rest
output_path: a10rest.provenance
continue-on-error: true
The integration of the sla-framework action above is an educated guess from the instructions, but it runs. The artifact path however is a mystery: we've tried paths, relative paths and the name of the generated container (tag), but are unsure exactly how to refer to the artifact.
The above action run with the slsa action producing the error in this case `Resource path not found: [provided=/a10rest]``
The artifact_path field needs to be a file on disk. You should be able to specify the build output path using docker's --output flag which you can set to the value you pass to artifact_path.
You mean like this:
run: docker build . --file a10rest/Dockerfile.local --tag a10rest:$(date +%s) --output type=local,dest=/a10rest.build.output
with the corresponding artifact_path ?
I believe so but I haven't verified. also, a10rest.build.output should just be the container so you can name it accordingly: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs. Do check the docs, though, as it seems this may change other aspects of the docker workflow.
Doesn't appear to work, unless there is some subtly in using this as part of an action in github that I am missing. Will go through this a bit more thorougly later and report.