feat(breaking): remove attestation-name input and output (#3456)

# Summary

- Reverting #3399
- Fixes
#3031
- Fixes
#3072
- Removes the attestation-name input and output from the
generator_generic_slsa3.yml, which has been deprecated for
provenance-name.

## Testing Process

- We have existing PR Check workflows that do call the generic-genertor
wth the correct parameters
- example-package e2e2 tests have already been updated to use the new
parameter and are already passing.

## Checklist

- [x] Review the contributing [guidelines](./../CONTRIBUTING.md)
- [x] Add a reference to related issues in the PR description.
- [x] Update documentation if applicable.
- [x] Add unit tests if applicable.
- [x] Add changes to the [CHANGELOG](./../CHANGELOG.md) if applicable.

Signed-off-by: Ramon Petgrave <[email protected]>

Author: ramonpetgrave64

.github/workflows/generator_generic_slsa3.yml

@@ -56,10 +56,6 @@ on:
           the assets.
         type: string
         default: ""
-      attestation-name:
-        description: "The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts. DEPRECATED: Use provenance-name instead."
-        required: false
-        type: string
       provenance-name:
         description: The artifact name of the signed provenance. The file must have the intoto.jsonl extension. Defaults to <filename>.intoto.jsonl for single artifact or multiple.intoto.jsonl for multiple artifacts.
         required: false
@@ -98,9 +94,6 @@ on:
           Note: This value is non-empty only when a release asset is uploaded, according to
           the values of `upload-assets` and `upload-tag-name`.
         value: ${{ jobs.upload-assets.outputs.release-id }}
-      attestation-name:
-        description: "DEPRECATED: use the provenance-name output instead."
-        value: ${{ jobs.generator.outputs.provenance-name }}
       provenance-name:
         description: "The artifact name of the signed provenance. (A file with the intoto.jsonl extension)."
         value: ${{ jobs.generator.outputs.provenance-name }}
@@ -226,17 +219,11 @@ jobs:
         env:
           GITHUB_CONTEXT: "${{ toJSON(github) }}"
           UNTRUSTED_PROVENANCE_NAME: "${{ inputs.provenance-name }}"
-          UNTRUSTED_DEPRECATED_ATTESTATION_NAME: "${{ inputs.attestation-name }}"
         run: |
           set -euo pipefail
           untrusted_prov_name=""
           if [ "$UNTRUSTED_PROVENANCE_NAME" != "" ]; then
             untrusted_prov_name="$UNTRUSTED_PROVENANCE_NAME"
-          else
-            if [ "$UNTRUSTED_DEPRECATED_ATTESTATION_NAME" != "" ]; then
-              echo "WARNING: deprecated attestation-name was used. Use provenance-name instead."
-              untrusted_prov_name="$UNTRUSTED_DEPRECATED_ATTESTATION_NAME"
-            fi
           fi
           # Create and sign provenance.
           # NOTE: The builder verifies that the provenance path is located

CHANGELOG.md

@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 <!-- toc -->
 
 - [Unreleased](#unreleased)
+  - [Unreleased: Breaking Change: attestation-name Workflow Input and Output](#unreleased-breaking-change-attestation-name-workflow-input-and-output)
   - [Unreleased: DSSE Rekor Type](#unreleased-dsse-rekor-type)
 - [v1.10.0](#v1100)
   - [v1.10.0: TUF fix](#v1100-tuf-fix)
@@ -102,6 +103,10 @@ duplication."
 
 ## Unreleased
 
+### Unreleased: Breaking Change: attestation-name Workflow Input and Output
+
+- `attestation-name` as a workflow input to `.github/workflows/generator_generic_slsa3.yml` is now removed. Use `provenance-name` instead.
+
 ### Unreleased: DSSE Rekor Type
 
 - When uploading signed provenance to the log, the entry created in the log is now

internal/builders/generic/README.md

@@ -266,7 +266,6 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b
 | `upload-assets`           | no                                                                 | false                                                                                           | If true provenance is uploaded to a GitHub release for new tags.                                                                                                                                                                                                                   |
 | `upload-tag-name`         | no                                                                 |                                                                                                 | If specified and `upload-assets` is set to true, the provenance will be uploaded to a Github release identified by the tag-name regardless of the triggering event.                                                                                                                |
 | `provenance-name`         | no                                                                 | "(subject name).intoto.jsonl" if a single subject. "multiple.intoto.json" if multiple subjects. | The artifact name of the signed provenance. The file must have the `intoto.jsonl` extension.                                                                                                                                                                                       |
-| `attestation-name`        | no                                                                 | "(subject name).intoto.jsonl" if a single subject. "multiple.intoto.json" if multiple subjects. | The artifact name of the signed provenance. The file must have the `intoto.jsonl` extension. DEPRECATED: use `provenance-name` instead.                                                                                                                                            |
 | `private-repository`      | no                                                                 | false                                                                                           | Set to true to opt-in to posting to the public transparency log. Will generate an error if false for private repositories. This input has no effect for public repositories. See [Private Repositories](#private-repositories).                                                    |
 | `continue-on-error`       | no                                                                 | false                                                                                           | Set to true to ignore errors. This option is useful if you won't want a failure to fail your entire workflow.                                                                                                                                                                      |
 | `draft-release`           | no                                                                 | false                                                                                           | If true, the release is created as a draft                                                                                                                                                                                                                                         |
@@ -278,7 +277,6 @@ The [generic workflow](https://github.com/slsa-framework/slsa-github-generator/b
 | Name               | Description                                                                                     |
 | ------------------ | ----------------------------------------------------------------------------------------------- |
 | `provenance-name`  | The artifact name of the signed provenance.                                                     |
-| `attestation-name` | The artifact name of the signed provenance. DEPRECATED: use `provenance-name` instead.          |
 | `outcome`          | If `continue-on-error` is `true`, will contain the outcome of the run (`success` or `failure`). |
 
 ### Provenance Format