async all file functions

Signed-off-by: Brian DeHamer <bdehamer@github.com>
This commit is contained in:
Brian DeHamer
2026-02-13 15:20:42 -08:00
parent 02c1da5b1d
commit 0415dcc0d0
5 changed files with 55 additions and 38 deletions
+18 -14
View File
@@ -11,33 +11,35 @@ describe('subjectFromInputs', () => {
}
describe('when no inputs are provided', () => {
it('throws an error', () => {
expect(() => predicateFromInputs(blankInputs)).toThrow(/predicate-type/i)
it('throws an error', async () => {
await expect(predicateFromInputs(blankInputs)).rejects.toThrow(
/predicate-type/i
)
})
})
describe('when neither predicate path nor predicate are provided', () => {
it('throws an error', () => {
it('throws an error', async () => {
const inputs: PredicateInputs = {
...blankInputs,
predicateType: 'https://example.com/predicate'
}
expect(() => predicateFromInputs(inputs)).toThrow(
await expect(predicateFromInputs(inputs)).rejects.toThrow(
/one of predicate-path or predicate must be provided/i
)
})
})
describe('when both predicate path and predicate are provided', () => {
it('throws an error', () => {
it('throws an error', async () => {
const inputs: PredicateInputs = {
predicateType: 'https://example.com/predicate',
predicate: '{}',
predicatePath: 'path/to/predicate'
}
expect(() => predicateFromInputs(inputs)).toThrow(
await expect(predicateFromInputs(inputs)).rejects.toThrow(
/only one of predicate-path or predicate may be provided/i
)
})
@@ -65,13 +67,13 @@ describe('subjectFromInputs', () => {
await fs.rm(path.parse(predicatePath).dir, { recursive: true })
})
it('returns the predicate', () => {
it('returns the predicate', async () => {
const inputs: PredicateInputs = {
...blankInputs,
predicateType,
predicatePath
}
expect(predicateFromInputs(inputs)).toEqual({
await expect(predicateFromInputs(inputs)).resolves.toEqual({
type: predicateType,
params: JSON.parse(content)
})
@@ -82,13 +84,15 @@ describe('subjectFromInputs', () => {
const predicateType = 'https://example.com/predicate'
const predicatePath = 'foo'
it('returns the predicate', () => {
it('returns the predicate', async () => {
const inputs: PredicateInputs = {
...blankInputs,
predicateType,
predicatePath
}
expect(() => predicateFromInputs(inputs)).toThrow(/file not found/)
await expect(predicateFromInputs(inputs)).rejects.toThrow(
/file not found/
)
})
})
@@ -96,14 +100,14 @@ describe('subjectFromInputs', () => {
const predicateType = 'https://example.com/predicate'
const content = '{}'
it('returns the predicate', () => {
it('returns the predicate', async () => {
const inputs: PredicateInputs = {
...blankInputs,
predicateType,
predicate: content
}
expect(predicateFromInputs(inputs)).toEqual({
await expect(predicateFromInputs(inputs)).resolves.toEqual({
type: predicateType,
params: JSON.parse(content)
})
@@ -114,14 +118,14 @@ describe('subjectFromInputs', () => {
const predicateType = 'https://example.com/predicate'
const content = JSON.stringify({ a: 'a'.repeat(16 * 1024 * 1024) })
it('throws an error', () => {
it('throws an error', async () => {
const inputs: PredicateInputs = {
...blankInputs,
predicateType,
predicate: content
}
expect(() => predicateFromInputs(inputs)).toThrow(
await expect(predicateFromInputs(inputs)).rejects.toThrow(
/predicate string exceeds maximum/
)
})
+6 -6
View File
@@ -1,6 +1,6 @@
import * as core from '@actions/core'
import * as github from '@actions/github'
import fs from 'fs'
import fs from 'fs/promises'
import os from 'os'
import path from 'path'
import { AttestResult, SigstoreInstance, createAttestation } from './attest'
@@ -90,7 +90,7 @@ export async function run(inputs: RunInputs): Promise<void> {
// Generate predicate based on attestation type
const predicate = await getPredicateForType(attestationType, inputs)
const outputPath = path.join(tempDir(), ATTESTATION_FILE_NAME)
const outputPath = path.join(await tempDir(), ATTESTATION_FILE_NAME)
core.setOutput('bundle-path', outputPath)
const att = await createAttestation(subjects, predicate, {
@@ -103,7 +103,7 @@ export async function run(inputs: RunInputs): Promise<void> {
logAttestation(subjects, att, sigstoreInstance)
// Write attestation bundle to output file
fs.writeFileSync(outputPath, JSON.stringify(att.bundle) + os.EOL, {
await fs.writeFile(outputPath, JSON.stringify(att.bundle) + os.EOL, {
encoding: 'utf-8',
flag: 'a'
})
@@ -113,7 +113,7 @@ export async function run(inputs: RunInputs): Promise<void> {
if (baseDir) {
const outputSummaryPath = path.join(baseDir, ATTESTATION_PATHS_FILE_NAME)
// Append the output path to the attestations paths file
fs.appendFileSync(outputSummaryPath, outputPath + os.EOL, {
await fs.appendFile(outputSummaryPath, outputPath + os.EOL, {
encoding: 'utf-8',
flag: 'a'
})
@@ -221,7 +221,7 @@ const logSummary = async (attestation: AttestResult): Promise<void> => {
}
}
const tempDir = (): string => {
const tempDir = async (): Promise<string> => {
const basePath = process.env['RUNNER_TEMP']
/* istanbul ignore if */
@@ -229,7 +229,7 @@ const tempDir = (): string => {
throw new Error('Missing RUNNER_TEMP environment variable')
}
return fs.mkdtempSync(path.join(basePath, path.sep))
return fs.mkdtemp(path.join(basePath, path.sep))
}
const attestationURL = (id: string): string =>
+11 -5
View File
@@ -1,4 +1,4 @@
import fs from 'fs'
import fs from 'fs/promises'
import type { Predicate } from '@actions/attest'
@@ -12,7 +12,9 @@ const MAX_PREDICATE_SIZE_BYTES = 16 * 1024 * 1024
// Returns the predicate specified by the action's inputs. The predicate value
// may be specified as a path to a file or as a string.
export const predicateFromInputs = (inputs: PredicateInputs): Predicate => {
export const predicateFromInputs = async (
inputs: PredicateInputs
): Promise<Predicate> => {
const { predicateType, predicate, predicatePath } = inputs
if (!predicateType) {
@@ -30,18 +32,22 @@ export const predicateFromInputs = (inputs: PredicateInputs): Predicate => {
let params: string = predicate
if (predicatePath) {
if (!fs.existsSync(predicatePath)) {
try {
await fs.access(predicatePath)
} catch {
throw new Error(`predicate file not found: ${predicatePath}`)
}
/* istanbul ignore next */
if (fs.statSync(predicatePath).size > MAX_PREDICATE_SIZE_BYTES) {
const stat = await fs.stat(predicatePath)
/* istanbul ignore next */
if (stat.size > MAX_PREDICATE_SIZE_BYTES) {
throw new Error(
`predicate file exceeds maximum allowed size: ${MAX_PREDICATE_SIZE_BYTES} bytes`
)
}
params = fs.readFileSync(predicatePath, 'utf-8')
params = await fs.readFile(predicatePath, 'utf-8')
} else {
if (predicate.length > MAX_PREDICATE_SIZE_BYTES) {
throw new Error(
+3 -3
View File
@@ -1,4 +1,4 @@
import fs from 'fs'
import fs from 'fs/promises'
import type { Predicate } from '@actions/attest'
@@ -11,9 +11,9 @@ export type SBOM = {
const MAX_SBOM_SIZE_BYTES = 16 * 1024 * 1024
export const parseSBOMFromPath = async (filePath: string): Promise<SBOM> => {
const fileContent = await fs.promises.readFile(filePath, 'utf8')
const fileContent = await fs.readFile(filePath, 'utf8')
const stats = await fs.promises.stat(filePath)
const stats = await fs.stat(filePath)
if (stats.size > MAX_SBOM_SIZE_BYTES) {
throw new Error(
`SBOM file exceeds maximum allowed size: ${MAX_SBOM_SIZE_BYTES} bytes`
+17 -10
View File
@@ -2,7 +2,8 @@ import * as glob from '@actions/glob'
import assert from 'assert'
import crypto from 'crypto'
import { parse } from 'csv-parse/sync'
import fs from 'fs'
import { createReadStream } from 'fs'
import fs from 'fs/promises'
import os from 'os'
import path from 'path'
@@ -64,7 +65,7 @@ export const subjectFromInputs = async (
case !!subjectDigest:
return [getSubjectFromDigest(subjectDigest, name)]
case !!subjectChecksums:
return getSubjectFromChecksums(subjectChecksums)
return await getSubjectFromChecksums(subjectChecksums)
/* istanbul ignore next */
default:
// This should be unreachable, but TS requires a default case
@@ -94,7 +95,8 @@ const getSubjectFromPath = async (
const paths = await glob.create(subjectPaths).then(async g => g.glob())
// Filter path list to just the files (not directories)
const files = paths.filter(p => fs.statSync(p).isFile())
const stats = await Promise.all(paths.map(async p => fs.stat(p)))
const files = paths.filter((_, i) => stats[i].isFile())
if (files.length > MAX_SUBJECT_COUNT) {
throw new Error(
@@ -142,16 +144,21 @@ const getSubjectFromDigest = (
}
}
const getSubjectFromChecksums = (subjectChecksums: string): Subject[] => {
if (fs.existsSync(subjectChecksums)) {
const getSubjectFromChecksums = async (
subjectChecksums: string
): Promise<Subject[]> => {
try {
await fs.access(subjectChecksums)
return getSubjectFromChecksumsFile(subjectChecksums)
} else {
} catch {
return getSubjectFromChecksumsString(subjectChecksums)
}
}
const getSubjectFromChecksumsFile = (checksumsPath: string): Subject[] => {
const stats = fs.statSync(checksumsPath)
const getSubjectFromChecksumsFile = async (
checksumsPath: string
): Promise<Subject[]> => {
const stats = await fs.stat(checksumsPath)
if (!stats.isFile()) {
throw new Error(`subject checksums file not found: ${checksumsPath}`)
}
@@ -163,7 +170,7 @@ const getSubjectFromChecksumsFile = (checksumsPath: string): Subject[] => {
)
}
const checksums = fs.readFileSync(checksumsPath, 'utf-8')
const checksums = await fs.readFile(checksumsPath, 'utf-8')
return getSubjectFromChecksumsString(checksums)
}
@@ -218,7 +225,7 @@ const digestFile = async (
): Promise<string> => {
return new Promise((resolve, reject) => {
const hash = crypto.createHash(algorithm).setEncoding('hex')
fs.createReadStream(filePath)
createReadStream(filePath)
.once('error', reject)
.pipe(hash)
.once('finish', () => resolve(hash.read()))