From 10432055aa10f7b177e4acf0c848fc2e26375c0a Mon Sep 17 00:00:00 2001
From: Brian DeHamer <bdehamer@github.com>
Date: Tue, 5 Mar 2024 10:08:59 -0800
Subject: [PATCH] pin predicate action to 0.1.0 (#23)

Signed-off-by: Brian DeHamer <bdehamer@github.com>
---
 action.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/action.yml b/action.yml
index 40edb0eb..32194698 100644
--- a/action.yml
+++ b/action.yml
@@ -31,6 +31,7 @@ inputs:
       The GitHub token used to make authenticated API requests.
     default: ${{ github.token }}
     required: false
+
 outputs:
   bundle-path:
     description: 'The path to the file containing the attestation bundle(s).'
@@ -39,15 +40,15 @@ outputs:
 runs:
   using: 'composite'
   steps:
-    - uses: actions/attest-build-provenance/predicate@main
+    - uses: actions/attest-build-provenance/predicate@56a361a16034268025aa760d300531128e298f1c # predicate@0.1.0
       id: generate-build-provenance-predicate
     - uses: actions/attest@main
       id: attest
       with:
-        github-token: ${{ inputs.github-token }}
         subject-path: ${{ inputs.subject-path }}
         subject-digest: ${{ inputs.subject-digest }}
         subject-name: ${{ inputs.subject-name }}
-        push-to-registry: ${{ inputs.push-to-registry }}
         predicate-type: ${{ steps.generate-build-provenance-predicate.outputs.predicate-type }}
         predicate: ${{ steps.generate-build-provenance-predicate.outputs.predicate }}
+        push-to-registry: ${{ inputs.push-to-registry }}
+        github-token: ${{ inputs.github-token }}