Update attestaion ruletype name

Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
mindersec · May 2, 2024 · d542263 · d542263
1 parent 3018f7c
commit d542263
Showing 1 changed file with 12 additions and 5 deletions.
diff --git a/rule-types/github/artifact_attestation_slsa.yaml b/rule-types/github/artifact_attestation_slsa.yaml
@@ -1,16 +1,18 @@
 ---
 version: v1
 type: rule-type
-name: attestation_slsa_github
+name: artifact_attestation_slsa
 context:
   provider: github
 description: |
-  Verifies a provenance attestation with a GitHub build definition matches the
-  expected values. 
+  Verifies a SLSA provenance attestation
 guidance: |
-  Provenance attestation capture the build environment and parameters where a
+  Provenance attestations capture the build environment and parameters where a
   software artifact was created. By controlling the build environment, developers
-  can make sure no malicious artifacts where injected into the build process.
+  can check the integity of the build environment and that no malicious code
+  was injected into the build process.
+
+  For more information visit https://slsa.dev
 def:
   # Defines the section of the pipeline the rule will appear in.
   # This will affect the template used to render multiple parts
@@ -85,6 +87,11 @@ def:
 
         default allow := false
         default skip := false
+
+        # Defaults
+        workflow_ref := input.profile.workflow_ref
+        default workflow_ref := "refs/heads/main"
+        
         
         artifacts_github_provenance = {artifact |
           some artifact in input.ingested