From 999d78211b9ce149b42caff8c7a5a725fd169a45 Mon Sep 17 00:00:00 2001
From: Dylan Palmieri <dgpalmieri@gmail.com>
Date: Tue, 18 Jun 2024 16:26:22 -0800
Subject: [PATCH] fix: generate attenuation

---
 .github/workflows/publish_image.yaml | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/publish_image.yaml b/.github/workflows/publish_image.yaml
index c201db3..950d617 100644
--- a/.github/workflows/publish_image.yaml
+++ b/.github/workflows/publish_image.yaml
@@ -51,10 +51,9 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
       
       # This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built. It increases supply chain security for people who consume the image. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)." 
-      # THIS IS ONLY AVAILABLE IN PUBLIC REPOS
-      #- name: Generate artifact attestation
-        #uses: actions/attest-build-provenance@v1
-        #with:
-          #subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
-          #subject-digest: ${{ steps.push.outputs.digest }}
-          #push-to-registry: true
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true