From 3a76a42b84e2836bca6f7b13bc4e94e806d0a3f2 Mon Sep 17 00:00:00 2001
From: Patryk Ciechanski <patryk.ciechanski@inetum.com>
Date: Thu, 12 Jun 2025 10:02:18 +0200
Subject: [PATCH] fix: Correct digest reference in Docker artifact attestation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add id to build step to capture outputs
- Fix subject-digest reference from steps.build.outputs.digest
- Resolves 'One of subject-path or subject-digest must be provided' error

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .github/workflows/build_and_publish_docker.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build_and_publish_docker.yml b/.github/workflows/build_and_publish_docker.yml
index 804a141..9309d1d 100644
--- a/.github/workflows/build_and_publish_docker.yml
+++ b/.github/workflows/build_and_publish_docker.yml
@@ -44,6 +44,7 @@ jobs:
           type=raw,value=pr-${{ github.event.client_payload.pr_number }},enable=${{ github.event_name == 'repository_dispatch' && github.event.client_payload.pr_number != '' }}
 
     - name: Build and push Docker image
+      id: build
       uses: docker/build-push-action@v5
       with:
         context: .
@@ -57,5 +58,5 @@ jobs:
       uses: actions/attest-build-provenance@v1
       with:
         subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
-        subject-digest: ${{ steps.meta.outputs.digest }}
+        subject-digest: ${{ steps.build.outputs.digest }}
         push-to-registry: true
\ No newline at end of file