From f9b3411a5e1d95e0b4e9a4a3eee27122e7b6c134 Mon Sep 17 00:00:00 2001 From: laurentsimon <64505099+laurentsimon@users.noreply.github.com> Date: Thu, 9 Nov 2023 15:09:08 -0800 Subject: [PATCH] feat: Add reference to GoReleaser blog post for container instructions (#2958) Signed-off-by: laurentsimon --- internal/builders/container/README.md | 5 +++++ internal/builders/generic/README.md | 2 ++ 2 files changed, 7 insertions(+) diff --git a/internal/builders/container/README.md b/internal/builders/container/README.md index 148fa9e733..b12a39397a 100644 --- a/internal/builders/container/README.md +++ b/internal/builders/container/README.md @@ -30,6 +30,7 @@ project simply generates provenance as a separate step in an existing workflow. - [Provenance Example](#provenance-example) - [Integration With Other Build Systems](#integration-with-other-build-systems) - [Ko](#ko) + - [GoReleaser](#goreleaser) - [Provenance for matrix strategy builds](#provenance-for-matrix-strategy-builds) - [Verification](#verification) - [slsa-verifier](#slsa-verifier) @@ -443,6 +444,10 @@ This section explains how to generate non-forgeable SLSA provenance with existin registry-password: ${{ secrets.GITHUB_TOKEN }} ``` +### [GoReleaser](#goreleaser) + +Follow the great blog post of [goreleaser.com](https://goreleaser.com/blog/slsa-generation-for-your-artifacts). + ## Provenance for matrix strategy builds See the diff --git a/internal/builders/generic/README.md b/internal/builders/generic/README.md index 9b7de83363..35dfa42514 100644 --- a/internal/builders/generic/README.md +++ b/internal/builders/generic/README.md @@ -468,6 +468,8 @@ jobs: upload-assets: true # upload to a new release ``` +For more details, follow the great blog post on [goreleaser.com](https://goreleaser.com/blog/slsa-generation-for-your-artifacts). + ### Provenance for JReleaser If you use [JReleaser](https://github.com/jreleaser/release-action) to generate your build, you can easily