From afa0f38ec2bbdf5230c68444c7e964bb19e2b64b Mon Sep 17 00:00:00 2001
From: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
Date: Fri, 26 Jul 2024 16:01:13 -0400
Subject: [PATCH] fix: maven e2e: remove verify job (#3748)

# Summary

Followup to #3746

Removes the verify job, which won't work, because the ref will be
incorrect.

-
https://github.com/slsa-framework/slsa-github-generator/actions/runs/10115454784/job/27976327657#step:5:1

```
WARNING: Insecure SLSA_VERIFIER_TESTING is enabled.
Verifying artifact ./target/test-java-project-1.21.97.jar: FAILED: invalid ref: "refs/heads/main": unexpected ref type: "heads"

FAILED: SLSA verification failed: invalid ref: "refs/heads/main": unexpected ref type: "heads"
Error: Process completed with exit code 1.
```

## Testing Process

The e2e test is executed in this PR, which now passes.

## Checklist

- [x] Review the contributing
[guidelines](https://github.com/slsa-framework/slsa-github-generator/blob/main/CONTRIBUTING.md)
- [x] Add a reference to related issues in the PR description.
- [ ] Update documentation if applicable.
- [x] Add unit tests if applicable.
- [ ] Add changes to the
[CHANGELOG](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
if applicable.

---------

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
---
 .github/workflows/pre-submit.e2e.maven.yml | 22 ----------------------
 1 file changed, 22 deletions(-)

diff --git a/.github/workflows/pre-submit.e2e.maven.yml b/.github/workflows/pre-submit.e2e.maven.yml
index 92e23ccc48..45f5a93436 100644
--- a/.github/workflows/pre-submit.e2e.maven.yml
+++ b/.github/workflows/pre-submit.e2e.maven.yml
@@ -33,25 +33,3 @@ jobs:
     uses: slsa-framework/slsa-github-generator/.github/workflows/builder_maven_slsa3.yml@main
     with:
       directory: ./e2e/maven/workflow_dispatch
-
-  verify:
-    runs-on: ubuntu-latest
-    needs: [build]
-    steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: slsa-framework/slsa-github-generator/actions/maven/secure-download-attestations@main
-        with:
-          name: "${{ needs.build.outputs.provenance-download-name }}"
-          sha256: "${{ needs.build.outputs.provenance-download-sha256 }}"
-          path: ./
-      - uses: slsa-framework/slsa-github-generator/actions/maven/secure-download-target@main
-        with:
-          name: "${{ needs.build.outputs.target-download-name }}"
-          sha256: "${{ needs.build.outputs.target-download-sha256 }}"
-          path: ./
-      - uses: slsa-framework/slsa-verifier/actions/installer@v2.6.0
-      - name: Verify artifact
-        env:
-          PROVENANCE_PATH: ${{ needs.build.outputs.provenance-download-name }}
-          TARGET_PATH: ${{ needs.build.outputs.target-download-name }}
-        run: slsa-verifier verify-artifact "$TARGET_PATH" --provenance-path "$PROVENANCE_PATH"