chore(ci): provide project name

.github/workflows/build_and_package.yaml

@@ -29,6 +29,7 @@ jobs:
       CONTAINER_IMAGE_CLI: ghcr.io/chainloop-dev/chainloop/cli:${{ github.ref_name }}
       GH_TOKEN: ${{ github.token }}
       CHAINLOOP_WORKFLOW_NAME: "chainloop-vault-build-and-package"
+      CHAINLOOP_PROJECT: "chainloop"
     steps:
       - name: Install Cosign
         uses: sigstore/cosign-installer@ef6a6b364bbad08abd36a5f8af60b595d12702f8 # main
@@ -49,7 +50,7 @@ jobs:
 
       - name: Initialize Attestation
         run: |
-          chainloop attestation init --workflow $CHAINLOOP_WORKFLOW_NAME
+          chainloop attestation init --workflow $CHAINLOOP_WORKFLOW_NAME --project $CHAINLOOP_PROJECT
 
       - name: Docker login to Github Packages
         uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0

.github/workflows/codeql.yml

@@ -23,6 +23,7 @@ jobs:
     env:
       CHAINLOOP_TOKEN: ${{ secrets.CHAINLOOP_TOKEN }}
       CHAINLOOP_WORKFLOW_NAME: "chainloop-vault-codeql"
+      CHAINLOOP_PROJECT: "chainloop"
 
     strategy:
       fail-fast: false
@@ -41,7 +42,7 @@ jobs:
       - name: Initialize Attestation
         if: ${{ github.event_name != 'pull_request' }}
         run: |
-          chainloop attestation init --workflow $CHAINLOOP_WORKFLOW_NAME
+          chainloop attestation init --workflow $CHAINLOOP_WORKFLOW_NAME --project $CHAINLOOP_PROJECT
 
       - name: Set up Go
         uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0

.github/workflows/docs_deploy.yml

@@ -11,12 +11,13 @@ concurrency: "deploy-to-prod"
 jobs:
   chainloop_init:
     name: Chainloop Init
-    uses: chainloop-dev/labs/.github/workflows/chainloop_init.yml@dfc395be86c9254f42de204584a032d5c1f99706
+    uses: chainloop-dev/labs/.github/workflows/chainloop_init.yml@edd4d30e954a4a456dd770f3b7c5e6871c84a661
     secrets:
       api_token: ${{ secrets.CHAINLOOP_TOKEN }}
     with:
       chainloop_labs_branch: dfc395be86c9254f42de204584a032d5c1f99706
       workflow_name: "chainloop-docs-release"
+      project_name: "chainloop"
 
   deploy_docs:
     name: Deploy Documentation
@@ -83,7 +84,7 @@ jobs:
 
   chainloop_push:
     name: Chainloop Push
-    uses: chainloop-dev/labs/.github/workflows/chainloop_push.yml@dfc395be86c9254f42de204584a032d5c1f99706
+    uses: chainloop-dev/labs/.github/workflows/chainloop_push.yml@edd4d30e954a4a456dd770f3b7c5e6871c84a661
     needs:
       - deploy_docs
     secrets:

.github/workflows/package_chart.yaml

@@ -17,7 +17,7 @@ jobs:
   # be ignored and the process will continue. For this to work it's using a pre-created API Token
   onboard_workflow:
     name: Onboard Chainloop Workflow
-    uses: chainloop-dev/labs/.github/workflows/chainloop_onboard.yml@4173e015dbd5dc2a8802555c268da63d57bbe576
+    uses: chainloop-dev/labs/.github/workflows/chainloop_onboard.yml@edd4d30e954a4a456dd770f3b7c5e6871c84a661
     with:
       project: "chainloop"
       workflow_name: "chainloop-vault-helm-package"
@@ -33,6 +33,7 @@ jobs:
     env:
       CHAINLOOP_TOKEN: ${{ secrets.CHAINLOOP_TOKEN }}
       CHAINLOOP_WORKFLOW_NAME: ${{ needs.onboard_workflow.outputs.workflow_name }}
+      CHAINLOOP_PROJECT: ${{ needs.onboard_workflow.outputs.project_name }}
     steps:
       - name: Install Chainloop
         run: |
@@ -52,7 +53,7 @@ jobs:
 
       - name: Initialize Attestation
         run: |
-          chainloop attestation init --workflow ${CHAINLOOP_WORKFLOW_NAME}
+          chainloop attestation init --workflow ${CHAINLOOP_WORKFLOW_NAME} --project ${CHAINLOOP_PROJECT}
 
       - name: Package Chart
         run: helm package deployment/chainloop/

.github/workflows/release.yaml

@@ -9,7 +9,8 @@ jobs:
   # be ignored and the process will continue. For this to work it's using a pre-created API Token
   onboard_workflow:
     name: Onboard Chainloop Workflow
-    uses: chainloop-dev/labs/.github/workflows/chainloop_onboard.yml@4173e015dbd5dc2a8802555c268da63d57bbe576
+    # TODO: pin
+    uses: chainloop-dev/labs/.github/workflows/chainloop_onboard.yml@edd4d30e954a4a456dd770f3b7c5e6871c84a661
     with:
       project: "chainloop"
       workflow_name: "chainloop-vault-release"
@@ -26,6 +27,7 @@ jobs:
     env:
       CHAINLOOP_TOKEN: ${{ secrets.CHAINLOOP_TOKEN }}
       CHAINLOOP_WORKFLOW_NAME: ${{ needs.onboard_workflow.outputs.workflow_name }}
+      CHAINLOOP_PROJECT: ${{ needs.onboard_workflow.outputs.project_name }}
       GH_TOKEN: ${{ github.token }}
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@@ -36,7 +38,7 @@ jobs:
 
       - name: Initialize Attestation
         run: |
-          chainloop attestation init --workflow ${CHAINLOOP_WORKFLOW_NAME}
+          chainloop attestation init --workflow ${CHAINLOOP_WORKFLOW_NAME} --project ${CHAINLOOP_PROJECT}
 
       - name: Attest all assets
         run: |

.github/workflows/scorecards.yml

@@ -26,6 +26,7 @@ jobs:
     with:
       chainloop_labs_branch: dfc395be86c9254f42de204584a032d5c1f99706
       workflow_name: "chainloop-vault-scorecards"
+      project_name: "chainloop"
 
   analysis:
     name: Scorecard analysis
@@ -94,5 +95,4 @@ jobs:
       signing_key_password: ${{ secrets.COSIGN_PASSWORD }}
     with:
       attestation_name: "scorecards"
-      chainloop_labs_branch: dfc395be86c9254f42de204584a032d5c1f99706
       workflow_name: "chainloop-vault-scorecards"

extras/dagger/README.md

@@ -73,6 +73,7 @@ dagger call -m github.com/chainloop-dev/chainloop \
   --repository /path/to/repo \ # optional flag to automatically attest a Git repository
   --contract-revision 1 \ # optional flag to specify the revision of the Workflow Contract (default `latest`)
   --workflow-name the-name-of-the-workflow
+  --project-name the-name-of-the-project
 ```
 
 #### 2 - Get the status ([docs](https://docs.chainloop.dev/getting-started/attestation-crafting#inspecting-the-crafting-status))