From 2477734922dca1b8b0c71c18c149c877c8e2badd Mon Sep 17 00:00:00 2001
From: Maksim Khimchenko <maksim.khimchenko@flant.com>
Date: Tue, 16 Dec 2025 18:34:46 +0300
Subject: [PATCH] add inputs to provide ability for using vex template for
 attestation

Signed-off-by: Maksim Khimchenko <maksim.khimchenko@flant.com>
---
 build/action.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/build/action.yml b/build/action.yml
index 2d182ca..b82f9d2 100644
--- a/build/action.yml
+++ b/build/action.yml
@@ -31,6 +31,24 @@ inputs:
   source_repo_ssh_key:
     description: "SSH private key for the source repository"
     required: false
+  cosign_vault_address:
+    description: "Vault adddress"
+    required: false
+  cosign_vault_key:
+    description: "Key in the vault"
+    required: false
+  cosign_transit_secret_engine_path:
+    description: "Transit engine secret path"
+    required: false
+  cosign_auth_role:
+    description: "Auth role"
+    required: false
+  registry_user:
+    description: "User to authenticate to registry"
+    required: false
+  registry_password:
+    description: "Password to authenticate to registry"
+    required: false
 
 runs:
   using: "composite"
@@ -124,6 +142,12 @@ runs:
         SVACE_ANALYZE_HOST: "${{ inputs.svace_analyze_host }}"
         SVACE_ANALYZE_SSH_USER: "${{ inputs.svace_analyze_ssh_user }}"
         SVACE_ENABLED: "${{ inputs.svace_enabled }}"
+        COSIGN_VAULT_ADDRESS: "${{ inputs.cosign_vault_address }}"
+        COSIGN_VAULT_KEY: "${{ inputs.cosign_vault_key }}"
+        COSIGN_TRANSIT_SECRET_ENGINE_PATH: "${{ inputs.cosign_transit_secret_engine_path }}"
+        COSIGN_AUTH_ROLE: "${{ inputs.cosign_auth_role }}"
+        REGISTRY_USER: "${{ inputs.registry_user }}"
+        REGISTRY_PASSWORD: "${{ inputs.registry_password }}"
 
     - name: Cleanup ssh-agent
       if: ${{ steps.ssh_agent.outcome != 'skipped' && always() }}