From 67798b06c0769a74f7c206c009df78e38a7e7778 Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Fri, 6 Dec 2024 08:32:16 -0700
Subject: [PATCH] use github owned oci image

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 pkg/cmd/attestation/verify/verify_integration_test.go | 6 +++---
 test/integration/attestation-cmd/verify-oci-bundle.sh | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/pkg/cmd/attestation/verify/verify_integration_test.go b/pkg/cmd/attestation/verify/verify_integration_test.go
index f20ecfc31..4d4c9599c 100644
--- a/pkg/cmd/attestation/verify/verify_integration_test.go
+++ b/pkg/cmd/attestation/verify/verify_integration_test.go
@@ -115,15 +115,15 @@ func TestVerifyIntegration(t *testing.T) {
 	t.Run("with bundle from OCI registry", func(t *testing.T) {
 		opts := Options{
 			APIClient:             api.NewLiveClient(hc, host, logger),
-			ArtifactPath:          "oci://ghcr.io/malancas/attest-demo:latest",
+			ArtifactPath:          "oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9",
 			UseBundleFromRegistry: true,
 			DigestAlgorithm:       "sha256",
 			Logger:                logger,
 			OCIClient:             oci.NewLiveClient(),
 			OIDCIssuer:            verification.GitHubOIDCIssuer,
-			Owner:                 "malancas",
+			Owner:                 "github",
 			PredicateType:         verification.SLSAPredicateV1,
-			SANRegex:              "^https://github.com/malancas/",
+			SANRegex:              "^https://github.com/github/",
 			SigstoreVerifier:      verification.NewLiveSigstoreVerifier(sigstoreConfig),
 		}
 
diff --git a/test/integration/attestation-cmd/verify-oci-bundle.sh b/test/integration/attestation-cmd/verify-oci-bundle.sh
index c0444899d..0e9fd2281 100755
--- a/test/integration/attestation-cmd/verify-oci-bundle.sh
+++ b/test/integration/attestation-cmd/verify-oci-bundle.sh
@@ -7,8 +7,8 @@ rootDir="$(git rev-parse --show-toplevel)"
 ghBuildPath="$rootDir/bin/gh"
 
 # Verify an OCI artifact with bundles stored on the GHCR OCI registry
-echo "Testing with OCI image ghcr.io/malancas/attest-demo:latest with the --bundle-from-oci flag"
-if ! $ghBuildPath attestation verify oci://ghcr.io/malancas/attest-demo:latest --owner=malancas --bundle-from-oci; then
-    echo "Failed to verify oci://ghcr.io/malancas/attest-demo:latest with bundles from the GHCR OCI registry"
+echo "Testing with OCI image ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9 with the --bundle-from-oci flag"
+if ! $ghBuildPath attestation verify oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9 --owner=github --bundle-from-oci; then
+    echo "Failed to verify oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9 with bundles from the GHCR OCI registry"
     exit 1
 fi