.github/workflows/e2e.container-based.workflow_dispatch.main.adversarial-builder-binary.slsa3.yml #30

	on:
	# Only triggered manually for pre-release.
	workflow_dispatch:

	permissions: read-all

	jobs:
	provenance:
	permissions:
	id-token: write # For signing.
	contents: write # For asset uploads.
	actions: read # For the entrypoint.
	# Update the reference in this line with the builder's version to test.
	uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
	with:
	builder-image: "bash"
	builder-digest: "sha256:9e2ba52487d945504d250de186cb4fe2e3ba023ed2921dd6ac8b97ed43e76af9"
	config-path: ".github/configs-docker/config.toml"
	provenance-name: attestation.intoto

	if-succeeded:
	runs-on: ubuntu-latest
	needs: [provenance]
	if: needs.provenance.result == 'success'
	steps:
	- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	- run: \|
	set -euo pipefail

	echo "This test should fail"
	exit 1

Provide feedback