aflock-ai/cilock-action reference
Source of truth:
cilock-action/action.yml.
The cilock GitHub Action wraps a command (or another GitHub Action) and produces signed attestations. It downloads its own variant of the cilock binary at runtime from the cilock-action releases.
- uses: aflock-ai/cilock-action@v1
with:
step: build
command: "go build -o myapp ./cmd/myapp"
Required permissionsโ
For keyless Sigstore signing (the default), the workflow needs:
permissions:
id-token: write # for OIDC token to Fulcio
contents: read # standard checkout
Add packages: write if you push container images, etc.
Inputsโ
Coreโ
One of command or action-ref is required.
| Input | Default | Description |
|---|---|---|
step | (required) | Step name for the attestation. |
command | (none) | Shell command to run. |
action-ref | (none) | GitHub Action to wrap (owner/repo@ref or docker://image). |
action-inputs | (none) | JSON map of inputs to pass to the wrapped action. |
action-env | (none) | Additional env vars for the wrapped action (KEY=VALUE per line). |
Binaryโ
| Input | Default | Description |
|---|---|---|
version | matches action tag | cilock-action release version to download. |
cilock-binary-url | (none) | Custom URL for a pre-built cilock binary. |
cilock-args | (none) | Additional raw args passed through to cilock. |
Attestationโ
| Input | Default | Description |
|---|---|---|
attestations | environment git github | Space-separated attestor list (the shim translates to the comma-separated form the cilock CLI expects). |
outfile | (none) | Output file for signed envelope. |
workingdir | (none) | Working directory. |
trace | false | Enable command tracing. |
hashes | sha256 | Hash algorithms. |
TestifySec platformโ
| Input | Default | Description |
|---|---|---|
platform-url | https://platform.testifysec.com | All service URLs are derived from this. Self-hosted customers override. |
Archivistaโ
Derived from platform-url if not explicitly set.
| Input | Default | Description |
|---|---|---|
enable-archivista | true | Store attestations in Archivista. |
archivista-server | derived from platform-url | Archivista server URL. |
Sigstore / Fulcioโ
Derived from platform-url if not explicitly set.
| Input | Default | Description |
|---|---|---|
enable-sigstore | true | Enable Sigstore/Fulcio signing. |
fulcio-url | derived from platform-url | Fulcio server URL. |
fulcio-oidc-client-id | sigstore | Fulcio OIDC client ID. |
fulcio-oidc-issuer | https://token.actions.githubusercontent.com | Fulcio OIDC issuer URL. |
fulcio-use-http | true | Use HTTP/REST API for Fulcio (works behind any reverse proxy). |
File signerโ
| Input | Default | Description |
|---|---|---|
key | (none) | Path to signing key. |
certificate | (none) | Path to signing certificate. |
intermediates | (none) | Comma-separated paths to intermediate certificates. |
KMSโ
| Input | Default | Description |
|---|---|---|
kms-aws-profile | (none) | AWS profile for KMS signing. |
kms-gcp-credentials-file | (none) | GCP credentials file for KMS signing. |
kms-ref | (none) | KMS key reference URI (awskms://..., gcpkms://..., azurekms://..., hashivault://...). |
Vaultโ
| Input | Default | Description |
|---|---|---|
vault-url | (none) | HashiCorp Vault URL. |
vault-token | (none) | HashiCorp Vault token. |
Timestampsโ
| Input | Default | Description |
|---|---|---|
timestamp-servers | derived from platform-url | Space-separated TSA URLs. |
Environment filteringโ
| Input | Default | Description |
|---|---|---|
env-add-sensitive-key | (none) | Comma-separated additional sensitive env var keys. |
env-filter-sensitive-vars | false | Filter (remove) sensitive vars instead of obfuscating. |
Material / Productโ
| Input | Default | Description |
|---|---|---|
product-include-glob | * | Glob for product file inclusion. |
product-exclude-glob | (none) | Glob for product file exclusion. |
Attestor exportsโ
| Input | Default | Description |
|---|---|---|
attestor-sbom-export | false | Export SBOM as a separate attestation. |
attestor-slsa-export | false | Export SLSA provenance as a separate attestation. |
Builderโ
| Input | Default | Description |
|---|---|---|
builder-manifest | (none) | Path to a rookery-builder manifest for a custom binary. |
builder-preset | (none) | Builder preset: minimal, cicd, all. |
Outputsโ
| Output | Description |
|---|---|
git_oid | GitOID of the stored attestation. |
attestation_file | Path to the attestation output. |
Runtimeโ
runs:
using: "node20"
main: "shim/index.js"
The shim/index.js Node entry point downloads the variant binary from https://github.com/aflock-ai/cilock-action/releases/{latest/download | download/<tag>} and invokes it with the constructed args.
Worked examplesโ
The action ships example workflows in examples/github/:
- Wrapping another GitHub Action (e.g.
docker/build-push-action) - Wrapping a shell command
- Multi-step pipeline with downstream verification
The full end-to-end walkthrough lives in the GitHub Actions tutorial.