updates

laurentsimon · May 24, 2022 · ebf308c · ebf308c
1 parent 3af0f5f
commit ebf308c
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/.github/workflows/builder_go_slsa3.yml b/.github/workflows/builder_go_slsa3.yml
@@ -25,6 +25,7 @@ env:
   BUILDER_RELEASE_BINARY: slsa-builder-go-linux-amd64
   BUILDER_REPOSITORY: laurentsimon/slsa-github-generator
   # Verifier
+  #TODO(revert) repo name and hashes
   VERIFIER_REPOSITORY: laurentsimon/slsa-verifier
   VERIFIER_RELEASE_BINARY: slsa-verifier-linux-amd64
   VERIFIER_RELEASE_BINARY_SHA256: fb743bc6bb56908d590da66bfe5c266d003aa226b30fcada5f7b9e4aea43b52b

diff --git a/.github/workflows/scripts/builder-fetch.sh b/.github/workflows/scripts/builder-fetch.sh
@@ -32,6 +32,7 @@ if [[ "$BUILDER_TAG" = "$(echo -n "$BUILDER_TAG" | grep -P '^[a-f\d]{40}$')" ]];
     while read line; do
         TAG=$(echo "$line" | cut -f1)
         BRANCH=$(gh release -R "$BUILDER_REPOSITORY" view "$TAG" --json targetCommitish --jq '.targetCommitish')
+        #TODO(revert) main
         if [[ "$BRANCH" != "feat/fastbuilds" ]]; then
             continue
         fi
@@ -72,7 +73,8 @@ echo "verifier hash verification has passed"
 
 # Verify the provenance of the builder.
 chmod a+x "$VERIFIER_RELEASE_BINARY"
-./"$VERIFIER_RELEASE_BINARY" --branch "main" \
+#TODO(revert) main
+./"$VERIFIER_RELEASE_BINARY" --branch "feat/fastbuilds" \
                             --tag "$BUILDER_TAG" \
                             --artifact-path "$BUILDER_RELEASE_BINARY" \
                             --provenance "$BUILDER_RELEASE_BINARY.intoto.jsonl" \