add-artifact-attestations-to-workflow
CommunitySecure CI/CD with SLSA attestations
Authorjim60105
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill automates the process of adding SLSA build-provenance attestations to your GitHub Actions workflows, enhancing the security and trustworthiness of your Docker image builds.
Core Features & Use Cases
- Automated Attestation Generation: Integrates seamlessly with
docker/build-push-actionto capture build digests. - Multi-Registry Support: Configurable for various container registries like GHCR, Docker Hub, and Quay.
- Use Case: Ensure your CI/CD pipeline for a critical microservice's Docker image generates verifiable attestations, proving its origin and integrity against potential supply chain attacks.
Quick Start
Add SLSA attestations to your GitHub Actions workflow by modifying the relevant workflow file.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: add-artifact-attestations-to-workflow Download link: https://github.com/jim60105/copilot-prompt/archive/main.zip#add-artifact-attestations-to-workflow Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.