SLSA

Generates subject attestations for SLSA to be used in combination with JReleaser’s SLSA builders.

This feature does not generate provenance on its own, you must combine it with a SLSA builder.

Configuration

Legend:

required
optional
may use environment variable
accepts Name Templates

YAML
TOML
JSON
Maven
Gradle

catalog:
  # 
  slsa:

    # Enable or disable this cataloger.
    # Supported values are [`NEVER`, `ALWAYS`, `RELEASE`, `SNAPSHOT`].
    # Defaults to `NEVER`.
    #  
    active: ALWAYS

    # Name of the attestation file.
    # Defaults to `{{projectName}}-{{projectEffectiveVersion}}`.
    #  
    attestationName: 'app-all-{{projectVersion}}'

    # Check distribution artifacts.
    # Defaults to `true`.
    # 
    artifacts: true

    # Check files.
    # Defaults to `true`.
    # 
    files: true

    # Check deployable artifacts.
    # Defaults to `true`.
    # 
    deployables: true

    # Additional properties used when evaluating templates.
    #  
    extraProperties:
      # Key will be capitalized and prefixed with `slsa`, i.e, `slsaFoo`.
      foo: bar

# 
[catalog.slsa]

  # Enable or disable this cataloger.
  # Supported values are [`NEVER`, `ALWAYS`, `RELEASE`, `SNAPSHOT`].
  # Defaults to `NEVER`.
  #  
  active = "ALWAYS"

   # Name of the attestation file.
   # Defaults to `{{projectName}}-{{projectEffectiveVersion}}`.
   #  
   attestationName = "app-all-{{projectVersion}}"

   # Check distribution artifacts.
   # Defaults to `true`.
   # 
   artifacts = true

   # Check files.
   # Defaults to `true`.
   # 
   files = true

   # Check deployable artifacts.
   # Defaults to `true`.
   # 
   deployables = true

  # Additional properties used when evaluating templates.
  #  
  extraProperties.foo = "bar"
  # Key will be capitalized and prefixed with `slsa`, i.e, `slsaFoo`.

{
  "catalog": {
    // 
    "slsa": {

      // Enable or disable this cataloger.
      // Supported values are [`NEVER`, `ALWAYS`, `RELEASE`, `SNAPSHOT`].
      // Defaults to `NEVER`.
      //  
      "active": "ALWAYS",

      // Name of the attestation file.
      // Defaults to `{{projectName}}-{{projectEffectiveVersion}}`.
      //  
      "attestationName": "app-all-{{projectVersion}}",

      // Check distribution artifacts.
      // Defaults to `true`.
      // 
      "artifacts": true,

      // Check files.
      // Defaults to `true`.
      // 
      "files": true,

      // Check deployable artifacts.
      // Defaults to `true`.
      // 
      "deployables": true,

      // Additional properties used when evaluating templates.
      //  
      "extraProperties": {
        // Key will be capitalized and prefixed with `slsa`, i.e, `slsaFoo`.
        "foo": "bar"
      }
    }
  }
}

<jreleaser>
  <!--
    
  -->
  <catalog>
    <!--
      
    -->
    <slsa>

      <!--
        Enable or disable this cataloger.
        Supported values are [`NEVER`, `ALWAYS`, `RELEASE`, `SNAPSHOT`].
        Defaults to `NEVER`.
         
      -->
      <active>ALWAYS</active>

      <!--
        Name of the attestation file.
        Defaults to `{{projectName}}-{{projectEffectiveVersion}}`.
         
      -->
      <attestationName>app-all-{{projectVersion}}</attestationName>

      <!--
        Check distribution artifacts.
        Defaults to `true`.
        
      -->
      <artifacts>true</artifacts>

      <!--
        Check files.
        Defaults to `true`.
        
      -->
      <files>true</files>

      <!--
        Check deployable artifacts.
        Defaults to `true`.
        
      -->
      <deployables>true</deployables>

      <!--
        Additional properties used when evaluating templates.
         
      -->
      <extraProperties>
        <!--
          Key will be capitalized and prefixed with `slsa`, i.e, `slsaFoo`.
        -->
        <foo>bar</foo>
      </extraProperties>
    </slsa>
  </catalog>
</jreleaser>

jreleaser {
  catalog {
    // 
    slsa {

      // Enable or disable this cataloger.
      // Supported values are [`NEVER`, `ALWAYS`, `RELEASE`, `SNAPSHOT`].
      // Defaults to `NEVER`.
      //  
      active = 'ALWAYS'

      // Name of the attestation file.
      // Defaults to `{{projectName}}-{{projectEffectiveVersion}}`.
      //  
      attestationName = 'app-all-{{projectVersion}}'

      // Check distribution artifacts.
      // Defaults to `true`.
      // 
      artifacts = true

      // Check files.
      // Defaults to `true`.
      // 
      files = true

      // Check deployable artifacts.
      // Defaults to `true`.
      // 
      deployables = true

      // Additional properties used when evaluating templates.
      // Key will be capitalized and prefixed with `slsa`, i.e, `slsaFoo`.
      //  
      extraProperties.put('foo', 'bar')
    }
  }
}

Environment

When not explicitly set, the value of the following properties may be resolved from an environment variable or a system property as shown in the table. The system property takes precedence over the environment variable.

System Property	Environment Variable
active
jreleaser.catalog.slsa.active	JRELEASER_CATALOG_SLSA_ACTIVE
attestationName
jreleaser.catalog.slsa.attestation.name	JRELEASER_CATALOG_SLSA_ATTESTATION_NAME

System Property

Environment Variable

active

jreleaser.catalog.slsa.active

JRELEASER_CATALOG_SLSA_ACTIVE

attestationName

jreleaser.catalog.slsa.attestation.name

JRELEASER_CATALOG_SLSA_ATTESTATION_NAME