From fc183a6468cfeb8e5899f39fd2bc594ec5d31d65 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Claudio=20Andr=C3=A9?= <dev@claudioandre.slmail.me>
Date: Thu, 25 Apr 2024 07:17:59 -0300
Subject: [PATCH] Fix GitHub Releases example in README.md (#346)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- subcommand: otherwise you will get "Error: unknown flag: --tag-name"
- permissions: otherwise 403
  "Error: failed to upload provenance to release: POST
  https://uploads.github.com/repos/claudioandre-br/john-packages/releases/152590477/assets?name=provenance.json:
  403 Resource not accessible by integration []"

Signed-off-by: Claudio André <dev@claudioandre.slmail.me>
---
 README.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a318c054..08d177c9 100644
--- a/README.md
+++ b/README.md
@@ -142,13 +142,16 @@ The easiest way to use this action is to add the following into your workflow fi
     name: provenance
     needs: [release]
     runs-on: ubuntu-20.04
+    permissions:
+      # required to update the release.
+      contents: write
 
     steps:
       - name: Generate provenance for Release
         uses: philips-labs/slsa-provenance-action@v0.7.2
         with:
           command: generate
-          subcommand: files
+          subcommand: github-release
           arguments: --artifact-path release-assets --output-path 'provenance.json' --tag-name ${{ github.ref_name }}
         env:
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"