From 6323aa71514def26a86831e3a13aa4b7aae26142 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jakub@stacklok.com>
Date: Mon, 12 Feb 2024 16:13:20 +0000
Subject: [PATCH] pass a filename

---
 .github/workflows/build-image-signed-ghat.yml | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/.github/workflows/build-image-signed-ghat.yml b/.github/workflows/build-image-signed-ghat.yml
index f3546e4..c93afd6 100644
--- a/.github/workflows/build-image-signed-ghat.yml
+++ b/.github/workflows/build-image-signed-ghat.yml
@@ -39,12 +39,6 @@ jobs:
           syft scan registry:ghcr.io/${{ github.repository }}:latest -o json > sbom.json
           cat sbom.json
 
-      - name: Read SBOM into environment variable
-        id: sbom-read
-        run: |
-          SBOM_CONTENTS=$(cat sbom.json | base64)
-          echo "SBOM_CONTENTS=${SBOM_CONTENTS}" >> $GITHUB_ENV
-
       - name: Attest image
         uses: jhrozek/generate-build-provenance@add_sbom
         with:
@@ -52,4 +46,4 @@ jobs:
           subject-digest: ${{ steps.push-step.outputs.digest }}
           push-to-registry: true
         env:
-          SBOM_CONTENTS: ${{ env.SBOM_CONTENTS }}
\ No newline at end of file
+          SBOM_FILE_PATH: sbom.json
\ No newline at end of file