From d34faf2a4724fe5810fa6ff9bb6dbcf4a016994a Mon Sep 17 00:00:00 2001
From: Matheus Pimenta <matheuscscp@gmail.com>
Date: Wed, 24 Sep 2025 17:18:54 +0100
Subject: [PATCH] Fix release workflow

Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
---
 .github/workflows/{release.yml => release.yaml} | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
 rename .github/workflows/{release.yml => release.yaml} (80%)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yaml
similarity index 80%
rename from .github/workflows/release.yml
rename to .github/workflows/release.yaml
index e7097010..9cc8d6e1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yaml
@@ -32,7 +32,7 @@ jobs:
     uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
     with:
       provenance-name: "provenance.intoto.jsonl"
-      base64-subjects: "${{ needs.release.outputs.hashes }}"
+      base64-subjects: "${{ needs.release.outputs.release-digests }}"
       upload-assets: true
   dockerhub-provenance:
     needs: [release]
@@ -44,9 +44,9 @@ jobs:
     if: startsWith(github.ref, 'refs/tags/v')
     uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
     with:
-      image: ${{ needs.release.outputs.image_url }}
-      digest: ${{ needs.release.outputs.image_digest }}
-      registry-username: fluxcdbot
+      image: ${{ needs.release.outputs.image-name }}
+      digest: ${{ needs.release.outputs.image-digest }}
+      registry-username: ${{ github.repository_owner == 'fluxcd' && 'fluxcdbot' || github.repository_owner }}
     secrets:
       registry-password: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
   ghcr-provenance:
@@ -59,8 +59,8 @@ jobs:
     if: startsWith(github.ref, 'refs/tags/v')
     uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
     with:
-      image: ghcr.io/${{ needs.release.outputs.image_url }}
-      digest: ${{ needs.release.outputs.image_digest }}
-      registry-username: fluxcdbot
+      image: ghcr.io/${{ needs.release.outputs.image-name }}
+      digest: ${{ needs.release.outputs.image-digest }}
+      registry-username: fluxcdbot # not necessary for ghcr.io
     secrets:
-      registry-password: ${{ secrets.GHCR_TOKEN }}
+      registry-password: ${{ secrets.GITHUB_TOKEN }}