Skip to content

Commit 3779762

Browse files
timbastintimbastin
committed
testing with multi line sh
1 parent f07f9f1 commit 3779762

1 file changed

Lines changed: 4 additions & 4 deletions

File tree

.github/workflows/attest.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ jobs:
8888
- name: Get and Attest SBOM
8989
uses: docker://ghcr.io/l3montree-dev/devguard/scanner:main
9090
with:
91-
args: >
91+
args: |
9292
sh -c "
9393
slug=$(devguard-scanner slug ${{ github.ref_name }}) &&
9494
devguard-scanner curl '${{ inputs.api-url }}/api/v1/organizations/${{ inputs.asset-name }}/refs/'$slug'/artifacts/${{ env.API_ARTIFACT_NAME }}/sbom.json/' --token='${{ secrets.devguard-token }}' > /tmp/sbom.json &&
@@ -104,7 +104,7 @@ jobs:
104104
- name: Get and Attest VeX
105105
uses: docker://ghcr.io/l3montree-dev/devguard/scanner:main
106106
with:
107-
args: >
107+
args: |
108108
sh -c "
109109
slug=$(devguard-scanner slug ${{ github.ref_name }}) &&
110110
devguard-scanner curl '${{ inputs.api-url }}/api/v1/organizations/${{ inputs.asset-name }}/refs/'$slug'/artifacts/${{ env.API_ARTIFACT_NAME }}/vex.json/' --token='${{ secrets.devguard-token }}' > /tmp/vex.json &&
@@ -120,7 +120,7 @@ jobs:
120120
- name: Get and Attest SAST-Results
121121
uses: docker://ghcr.io/l3montree-dev/devguard/scanner:main
122122
with:
123-
args: >
123+
args: |
124124
sh -c "
125125
slug=$(devguard-scanner slug ${{ github.ref_name }}) &&
126126
devguard-scanner curl '${{ inputs.api-url }}/api/v1/organizations/${{ inputs.asset-name }}/refs/'$slug'/sarif.json' --token='${{ secrets.devguard-token }}' > /tmp/sarif.json &&
@@ -140,7 +140,7 @@ jobs:
140140
uses: docker://ghcr.io/l3montree-dev/devguard/scanner:main
141141
continue-on-error: true
142142
with:
143-
args: >
143+
args: |
144144
sh -c "
145145
if [ -f image-digest.txt ]; then
146146
devguard-scanner attest -u ${{ github.actor }} -r ghcr.io -p ${{ secrets.GITHUB_TOKEN }} build.provenance.json \"$(cat image-tag.txt)@$(cat image-digest.txt)\" --predicateType='https://slsa.dev/provenance/v1' --token='${{ secrets.devguard-token }}' --apiUrl=${{ inputs.api-url }} --assetName=${{ inputs.asset-name }} --ref=${{ github.ref_name }} --artifactName=${{ env.ARTIFACT_NAME }}

0 commit comments

Comments
 (0)