build: updating provenance generation for manual-publish workflows

Author: rsoberano-ld

.github/workflows/manual-publish.yml

@@ -47,6 +47,5 @@ jobs:
     uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.7.0
     with:
       base64-subjects: "${{ needs.build-publish.outputs.gem-hash }}"
-      upload-assets: true
-      upload-tag-name: TBD
+      upload-assets: ${{ !inputs.dry_run }}
 

PROVENANCE.md

@@ -19,8 +19,6 @@ $ slsa-verifier verify-artifact \
 --provenance-path multiple-provenance.intoto.jsonl \
 --source-uri github.com/launchdarkly/ruby-server-sdk \
 launchdarkly-server-sdk-VERSION.gem
-
-TBD OUTPUT
 ```
 
 Alternatively, to verify the provenance manually, the SLSA framework specifies [recommendations for verifying build artifacts](https://slsa.dev/spec/v1.0/verifying-artifacts) in their documentation.