Merge pull request #4 from slsa-framework/v2.0.0-changes

chore: update refs to v2.0.0

Author: ramonpetgrave64

.github/workflows/builder_high-perms-checkout_slsa3.yml

@@ -89,7 +89,7 @@ jobs:
     steps:
       - name: Generate the token
         id: generate
-        uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
+        uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v2.0.0
         with:
           slsa-workflow-recipient: "delegator_generic_slsa3.yml"
           slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
@@ -106,7 +106,7 @@ jobs:
       contents: write # For asset uploads.
       packages: write # For package uploads.
       actions: read # For the entrypoint.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@main
+    uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@v2.0.0
     with:
       slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
     secrets:
@@ -121,7 +121,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download provenance
-        uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
+        uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v2.0.0
         with:
           name: ${{ needs.slsa-run.outputs.attestations-download-name }}
           sha256: ${{ needs.slsa-run.outputs.attestations-download-sha256 }}

.github/workflows/builder_high-perms-checkout_slsa3_test.yml

@@ -28,7 +28,7 @@ jobs:
       contents: write # For asset release.
       packages: write # For package upload.
       actions: read # For getting workflow run info.
-    uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@main
+    uses: slsa-framework/example-trw/.github/workflows/builder_high-perms-checkout_slsa3.yml@v2.0.0
     with:
       artifact: my-artifact
       filename: high-perms-checkout/src/build.txt

.github/workflows/builder_high-perms_slsa3.yml

@@ -84,7 +84,7 @@ jobs:
     steps:
       - name: Generate the token
         id: generate
-        uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
+        uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v2.0.0
         with:
           slsa-workflow-recipient: "delegator_generic_slsa3.yml"
           slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
@@ -100,7 +100,7 @@ jobs:
       contents: write # For asset uploads.
       packages: write # For package uploads.
       actions: read # For the entrypoint.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@main
+    uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_generic_slsa3.yml@v2.0.0
     with:
       slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
     secrets:

.github/workflows/builder_high-perms_slsa3_test.yml

@@ -28,7 +28,7 @@ jobs:
       contents: write # For asset release.
       packages: write # For package upload.
       actions: read # For getting workflow run info.
-    uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@main # v0.0.1 has all refs at main.
+    uses: slsa-framework/example-trw/.github/workflows/builder_high-perms_slsa3.yml@v2.0.0 # v0.0.1 has all refs at main.
     with:
       artifact: my-artifact
       content: "hello world"

.github/workflows/builder_low-perms_slsa3.yml

@@ -94,7 +94,7 @@ jobs:
     steps:
       - name: Generate the token
         id: generate
-        uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@main
+        uses: slsa-framework/slsa-github-generator/actions/delegator/setup-generic@v2.0.0
         with:
           slsa-workflow-recipient: "delegator_lowperms-generic_slsa3.yml"
           slsa-rekor-log-public: ${{ inputs.rekor-log-public }}
@@ -109,7 +109,7 @@ jobs:
       id-token: write # For signing.
       contents: read # For code access.
       actions: read # For the entrypoint.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@main
+    uses: slsa-framework/slsa-github-generator/.github/workflows/delegator_lowperms-generic_slsa3.yml@v2.0.0
     with:
       slsa-token: ${{ needs.slsa-setup.outputs.slsa-token }}
     secrets:
@@ -124,7 +124,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download provenance
-        uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
+        uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v2.0.0
         with:
           name: ${{ needs.slsa-run.outputs.attestations-download-name }}
           sha256: ${{ needs.slsa-run.outputs.attestations-download-sha256 }}
@@ -152,7 +152,7 @@ jobs:
       # Artifacts are downloaded in the current directory. The downloaded folder
       # is the one uploaded by the TCA, which in our case is called "artifacts".
       - name: Download artifacts
-        uses: slsa-framework/slsa-github-generator/actions/delegator/secure-download-folder@main
+        uses: slsa-framework/slsa-github-generator/actions/delegator/secure-download-folder@v2.0.0
         with:
           name: ${{ fromJson(needs.slsa-run.outputs.build-artifacts-outputs).artifact-download-name }}
           sha256: ${{ fromJson(needs.slsa-run.outputs.build-artifacts-outputs).artifact-download-sha256 }}

.github/workflows/builder_low-perms_slsa3_test.yml

@@ -27,7 +27,7 @@ jobs:
       id-token: write # For signing
       contents: write # For asset release.
       actions: read # For getting workflow run info.
-    uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@main # v0.0.1 has all refs at main.
+    uses: slsa-framework/example-trw/.github/workflows/builder_low-perms_slsa3.yml@v2.0.0 # v0.0.1 has all refs at main.
     with:
       artifact: my-artifact
       content: "hello world"

high-perms-checkout/actions/download/attestation/action.yml

@@ -30,7 +30,7 @@ runs:
   using: "composite"
   steps:
     - name: Download the attestations
-      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
+      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v2.0.0
       with:
         name: ${{ inputs.name }}
         path: ${{ inputs.path }}

high-perms/actions/download/attestation/action.yml

@@ -30,7 +30,7 @@ runs:
   using: "composite"
   steps:
     - name: Download the attestations
-      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
+      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v2.0.0
       with:
         name: ${{ inputs.name }}
         path: ${{ inputs.path }}

low-perms/actions/download/attestation/action.yml

@@ -30,7 +30,7 @@ runs:
   using: "composite"
   steps:
     - name: Download the attestations
-      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@main
+      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-attestations-download@v2.0.0
       with:
         name: ${{ inputs.name }}
         path: ${{ inputs.path }}

low-perms/internal/callback_action/action.yml

@@ -83,7 +83,7 @@ runs:
     - name: Create random value
       id: rng
       # WARNING: This is not cryptographically secure and will show in logs!
-      uses: slsa-framework/slsa-github-generator/actions/delegator/random@main
+      uses: slsa-framework/slsa-github-generator/actions/delegator/random@v2.0.0
 
     # Create the folder to share.
     # The folder is local, so need its name needs not be randomized.
@@ -100,7 +100,7 @@ runs:
     # Share the artifacts folder, with a unique randomized name.
     - name: Share artifacts
       id: upload
-      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-upload-folder@main
+      uses: slsa-framework/slsa-github-generator/actions/delegator/secure-upload-folder@v2.0.0
       with:
         name: "${{ steps.rng.outputs.random }}-artifacts"
         path: artifacts