From 4a44b9ce1e153d692be6236aa43bed339abe421a Mon Sep 17 00:00:00 2001
From: Rustem Khusnutdinov <rust768@gmail.com>
Date: Thu, 28 Nov 2024 21:49:41 +0300
Subject: [PATCH] +

---
 .github/workflows/docker.yml | 34 +++++++++++++++++++++++++---------
 action.yml                   |  2 +-
 src/entrypoint               |  2 --
 3 files changed, 26 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 85fe384..39327d3 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -13,32 +13,48 @@ on:
     branches:
       - v1
 
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
 jobs:
   push_to_registry:
     name: Push Docker image to Docker Hub
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
     steps:
       - name: Check out the repo
         uses: actions/checkout@v2
 
-      - name: Log in to Docker Hub
-        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+      - name: Log in to the Container registry
+        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
         with:
-          username: ewjoachim
-          password: ${{ secrets.DOCKER_PASSWORD }}
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
         with:
-          images: ewjoachim/coverage-comment-action
-          flavor: |
-            latest=true
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        id: push
+        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
         with:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true
diff --git a/action.yml b/action.yml
index 294587d..32ad4d0 100644
--- a/action.yml
+++ b/action.yml
@@ -61,7 +61,7 @@ inputs:
     required: false
 runs:
   using: docker
-  image: Dockerfile
+  image: ghcr.io/getflow/coverage-comment-action:v1
   env:
     GITHUB_TOKEN: ${{ inputs.GITHUB_TOKEN }}
     COVERAGE_FILE: ${{ inputs.COVERAGE_FILE }}
diff --git a/src/entrypoint b/src/entrypoint
index 96d4956..77661eb 100755
--- a/src/entrypoint
+++ b/src/entrypoint
@@ -22,8 +22,6 @@ JSON_URL = "https://raw.githubusercontent.com/wiki/{repo_name}/{filename}"
 
 def main():
     print("Starting action")
-    call("ssh-add", "-l")
-    print("TESTTTTTTTTT")
     config = Config.from_environ(os.environ)
     coverage_info = get_coverage_info(config=config)
     gh = get_api(config=config)