From ee6f1c105145367cbf5132a3997a0cca4d97d67e Mon Sep 17 00:00:00 2001
From: Andreas Falk <info@andreas-falk.de>
Date: Sun, 8 Oct 2023 15:46:27 +0200
Subject: [PATCH] Refactor

---
 .github/workflows/build.yml      |  7 +------
 .github/workflows/provenance.yml | 13 +++++++++++++
 2 files changed, 14 insertions(+), 6 deletions(-)
 create mode 100644 .github/workflows/provenance.yml

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 236c39e..5c9bc6f 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,6 +1,5 @@
 name: Build with provenance
 on:
-  - workflow_dispatch
   - push
 
 permissions: read-all
@@ -22,8 +21,4 @@ jobs:
           distribution: 'liberica'
           architecture: x64
       - name: Maven build
-        run: ./mvnw --batch-mode --update-snapshots verify
-      - name: Add provenence
-        uses: slsa-framework/slsa-github-generator/.github/workflows/builder_maven_slsa3.yml@v1.9.0
-        with:
-          rekor-log-public: true
\ No newline at end of file
+        run: ./mvnw --batch-mode --update-snapshots verify
\ No newline at end of file
diff --git a/.github/workflows/provenance.yml b/.github/workflows/provenance.yml
new file mode 100644
index 0000000..7d42639
--- /dev/null
+++ b/.github/workflows/provenance.yml
@@ -0,0 +1,13 @@
+name: Generate provenance
+on:
+  - workflow_dispatch
+
+permissions: read-all
+
+jobs:
+  build:
+    permissions:
+      id-token: write
+      contents: read
+      actions: read
+    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_maven_slsa3.yml@v1.9.0
\ No newline at end of file