Use detect-workflow action (slsa-framework#49)

Updates #26

.github/workflows/slsa2_provenance.yml

@@ -46,21 +46,7 @@ jobs:
     steps:
       - name: Detect the repository and ref
         id: detect
-        shell: bash
-        run: |
-          status_code=$(curl -sS -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=slsa-framework/slsa-github-generator" -o jwt.json -w '%{http_code}')
-          if [[ $status_code -lt 200 ]] || [[ $status_code -ge 300 ]]; then
-              error_msg=$(jq -r .message jwt.json 2>/dev/null || echo 'unknown error')
-              echo "Failed to get OIDC token from GitHub, response $status_code: $error_msg"
-              exit 1;
-          fi
-          export WORKFLOW_REF=$(cat jwt.json | jq -r '.value' | cut -d "." -f2 | base64 -d | jq -r '.job_workflow_ref')
-          if [ -z $WORKFLOW_REF ]; then
-            echo "OIDC token parsing failure: job_workflow_ref could not be retrieved"
-            exit 1;
-          fi
-          echo "::set-output name=repository::$(echo $WORKFLOW_REF | cut -d "@" -f1 | cut -d '/' -f1-2)"
-          echo "::set-output name=ref::$(echo $WORKFLOW_REF | cut -d "@" -f2)"
+        uses: slsa-framework/slsa-github-generator/.github/actions/detect-workflow@aec5cd1e20507a6f1b5d8e82a8f62c3e2ca9b9f9
 
   ###################################################################
   #                                                                 #