Skip to content

BED-7784: re-enable provenance, revert changes#184

Merged
StranDutton merged 1 commit intomainfrom
BED-7784-fix-image-upload-revert
Mar 30, 2026
Merged

BED-7784: re-enable provenance, revert changes#184
StranDutton merged 1 commit intomainfrom
BED-7784-fix-image-upload-revert

Conversation

@StranDutton
Copy link
Copy Markdown
Contributor

@StranDutton StranDutton commented Mar 30, 2026
edited by coderabbitai bot
Loading

Reverts provenance: false from build.yml and publish.yml. The ECR push 403 was likely caused by stale credentials, not provenance as previously thought. Keys have been rotated and pushes seem to be working again.

Ticket: https://specterops.atlassian.net/browse/BED-7784

Summary by CodeRabbit

  • Chores
    • Updated container build workflows to enable provenance attestation for published images, improving supply chain security and image verification capabilities.

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Mar 30, 2026
edited
Loading

Walkthrough

Removed the provenance: false configuration from Docker build-push actions in two GitHub workflow files. This eliminates the explicit disablement of container image provenance generation, allowing the actions to use their default provenance behavior.

Changes

Cohort / File(s) Summary
Docker Provenance Configuration
.github/workflows/build.yml, .github/workflows/publish.yml		 Removed provenance: false setting from docker/build-push-action@v6 step in the containerize job, allowing default provenance generation behavior.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A hop, skip, and a Docker push,
Provenance now flows—no need to shush,
Default behavior takes the lead,
Authenticity's all we need! ✨🐇

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check ✅ Passed The title accurately describes the main change: reverting the removal of provenance:false settings to re-enable provenance in both workflow files.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch BED-7784-fix-image-upload-revert

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@StranDutton StranDutton changed the title BED-7784: re-enable provenance BED-7784: re-enable provenance, revert changes Mar 30, 2026
@StranDutton StranDutton merged commit f98e580 into main Mar 30, 2026
10 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Mar 30, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@definitelynotagoblin definitelynotagoblin definitelynotagoblin approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@StranDutton @definitelynotagoblin