ci: Attempting a different name for intermediate steps in provenance …

…generation Signed-off-by: Tyler Erickson <[email protected]>
Seagate · May 1, 2024 · a4a6735 · a4a6735
1 parent a2072fa
commit a4a6735
Showing 1 changed file with 7 additions and 6 deletions.
diff --git a/.github/workflows/source-release.yml b/.github/workflows/source-release.yml
@@ -26,8 +26,8 @@ jobs:
           }
     outputs:
       #store hashes for slsa provenance
-      hash-SourceCode_With_Submodules.zip: ${{ steps.hash.outputs.hash-SourceCode_With_Submodules.zip }}
-      hash-SourceCode_With_Submodules.tar.xz: ${{ steps.hash.outputs.hash-SourceCode_With_Submodules.tar.xz }}
+      hash-SourceCode_With_Submodules-Windows: ${{ steps.hash.outputs.hash-SourceCode_With_Submodules-Windows }}
+      hash-SourceCode_With_Submodules-Linux: ${{ steps.hash.outputs.hash-SourceCode_With_Submodules-Linux }}
 
     steps:  
     - uses: actions/checkout@v4
@@ -61,12 +61,13 @@ jobs:
           # https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/generic/README.md#provenance-for-artifacts-built-across-multiple-operating-systems
           set -euo pipefail
           (sha256sum -t ${{ format('SourceCode_With_Submodules{0}',  matrix.config.extension) }} || shasum -a 256 ${{ format('SourceCode_With_Submodules{0}',  matrix.config.extension) }}) > checksum
-          echo "hash-SourceCode_With_Submodules${{ matrix.config.extension }}=$(base64 -w0 checksum || base64 checksum)" >> "${GITHUB_OUTPUT}"
+          echo "checksum = $checksum"
+          echo "hash-SourceCode_With_Submodules-${{ matrix.config.name }}=$(base64 -w0 checksum || base64 checksum)" >> "${GITHUB_OUTPUT}"
 
     - name: Upload Source Archive as Artifact
       uses: actions/upload-artifact@v4
       with:
-        name: SourceCode_With_Submodules${{ matrix.config.extension }}
+        name: SourceCode_With_Submodules-${{ matrix.config.name }}
         path: SourceCode_With_Submodules${{ matrix.config.extension }}
 
     - name: Publish Source Archive to Release
@@ -81,8 +82,8 @@ jobs:
     strategy:
       fail-fast: false #don't cancel other jobs if one is failing
       matrix:
-        package_name: [ "SourceCode_With_Submodules.zip",
-                        "SourceCode_With_Submodules.tar.xz" ]
+        package_name: [ "SourceCode_With_Submodules-Windows",
+                        "SourceCode_With_Submodules-Linux" ]
     permissions:
       actions: read # To read the workflow path.
       id-token: write # To sign the provenance.