From 48cfb2cb573b10f82c8052108592caa5bd3c0a63 Mon Sep 17 00:00:00 2001
From: "Justin (shocknet)" <capitalist_dog@tuta.io>
Date: Mon, 20 May 2024 10:34:25 -0400
Subject: [PATCH] digest

---
 .github/workflows/push.yml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 1fbf864d..04e199df 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -44,8 +44,14 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
 
+      - name: Capture image digest
+        id: capture-digest
+        run: |
+          DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest)
+          echo "::set-output name=digest::$DIGEST"
+  
       - name: Attest build provenance
         uses: actions/attest-build-provenance@v1
         with:
-          subject-path: ${{ github.workspace }}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
+         subject-digest: ${{ steps.capture-digest.outputs.digest }}
+         github-token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file