From dd6440f096802e5cc98c4a4e31c89488b959bb13 Mon Sep 17 00:00:00 2001
From: Tim Hardeck
Date: Mon, 3 Feb 2025 16:50:51 +0100
Subject: [PATCH] Improve Attest provenance variabel names
---
.github/workflows/release.yml | 27 ++++++++++++---------------
1 file changed, 12 insertions(+), 15 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 2b35a0fd6d..9bdf199b2d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -152,31 +152,28 @@ jobs: - name: Attest provenance shell: bash - env: - PRIME_REGISTRY: ${{ env.PRIME_REGISTRY }} - CURRENT_TAG: ${{ github.ref_name }} run: | - for IMG_NAME in $(yq e '.dockers[].image_templates[0]' .goreleaser.yaml | grep PRIME_REGISTRY | sed "s/{{ .Env.PRIME_REGISTRY }}/${PRIME_REGISTRY}/g" | sed "s/{{ .Tag }}/${CURRENT_TAG}/g"); do + for IMG_NAME in $(yq e '.dockers[].image_templates[0]' .goreleaser.yaml | grep PRIME_REGISTRY | sed "s/{{ .Env.PRIME_REGISTRY }}/${{ env.PRIME_REGISTRY }}/g" | sed "s/{{ .Tag }}/v0.12.0-alpha.8/g"); do # Extract Docker image reference plus digest from local image - IMAGE=$(docker inspect --format='{{index .RepoDigests 0}}' ${IMG_NAME}) + URL=$(docker inspect --format='{{index .RepoDigests 0}}' ${IMG_NAME}) max_retries=3 retry_delay=5 i=0 while [ "${i}" -lt "${max_retries}" ]; do - if slsactl download provenance --format=slsav1 "${IMAGE}" > provenance-slsav1.json; then - break - fi - if [ "${i}" -eq "$(( max_retries - 1 ))" ]; then - echo "ERROR: Failed to generate slsav1 provenance. Check whether the image is present in the Prime registry." - exit 1 - fi - i=$(( i + 1 )) - sleep "${retry_delay}" + if slsactl download provenance --format=slsav1 "${URL}" > provenance-slsav1.json; then + break + fi + if [ "${i}" -eq "$(( max_retries - 1 ))" ]; then + echo "ERROR: Failed to generate slsav1 provenance. Check whether the image is present in the Prime registry." + exit 1 + fi + i=$(( i + 1 )) + sleep "${retry_delay}" done - cosign attest --yes --predicate provenance-slsav1.json --type slsaprovenance1 "${IMAGE}" + cosign attest --yes --predicate provenance-slsav1.json --type slsaprovenance1 "${URL}" done - name: Upload charts to release
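Review bot: In the new `for IMG_NAME` line the `{{ .Tag }}` substitution uses the literal `v0.12.0-alpha.8` where it previously used `${CURRENT_TAG}` (fed from `github.ref_name`), so every later release would resolve and attest the image for that fixed tag instead of the one just built; this looks like a leftover from testing and goes beyond the renaming the commit title describes. The same line also pastes `${{ env.PRIME_REGISTRY }}` directly into the script text, which GitHub expands before bash parses the script, whereas the removed `env:` mapping handed the value over as a shell variable and kept it out of the code path. I would keep the `env:` block with `PRIME_REGISTRY` and `CURRENT_TAG: ${{ github.ref_name }}` and write the substitutions as `sed "s/{{ .Env.PRIME_REGISTRY }}/${PRIME_REGISTRY}/g" | sed "s/{{ .Tag }}/${CURRENT_TAG}/g"`. Separately, `${IMG_NAME}` in the `docker inspect` line is still unquoted; `"${IMG_NAME}"` would match the quoting already used for `"${URL}"`.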