Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 69989a9c31 | |||
| ec072a1cb2 | |||
| 8b290b8d86 | |||
| 35cfe2422e |
@@ -30,6 +30,7 @@ describe('index', () => {
|
||||
'subject-name': 'my-artifact',
|
||||
'subject-digest': '',
|
||||
'subject-checksums': '',
|
||||
'subject-version': '',
|
||||
'predicate-type': 'https://example.com/predicate',
|
||||
predicate: '{}',
|
||||
'predicate-path': '',
|
||||
@@ -57,6 +58,7 @@ describe('index', () => {
|
||||
subjectName: 'my-artifact',
|
||||
subjectDigest: '',
|
||||
subjectChecksums: '',
|
||||
subjectVersion: '',
|
||||
predicateType: 'https://example.com/predicate',
|
||||
predicate: '{}',
|
||||
predicatePath: '',
|
||||
|
||||
@@ -145,7 +145,8 @@ describe('createAttestation', () => {
|
||||
const storageOpts = {
|
||||
...defaultOpts,
|
||||
pushToRegistry: true,
|
||||
createStorageRecord: true
|
||||
createStorageRecord: true,
|
||||
subjectVersion: '1.2.3'
|
||||
}
|
||||
|
||||
it('should create storage record when enabled and owner is org', async () => {
|
||||
@@ -157,10 +158,27 @@ describe('createAttestation', () => {
|
||||
storageOpts
|
||||
)
|
||||
|
||||
expect(mockCreateStorageRecord).toHaveBeenCalled()
|
||||
expect(mockCreateStorageRecord).toHaveBeenCalledWith(
|
||||
expect.objectContaining({ version: '1.2.3' }),
|
||||
expect.anything(),
|
||||
expect.anything()
|
||||
)
|
||||
expect(result.storageRecordIds).toEqual([12345])
|
||||
})
|
||||
|
||||
it('should omit version from storage record when subjectVersion is empty', async () => {
|
||||
const subjects = [TEST_SUBJECT_WITH_REGISTRY]
|
||||
const opts = { ...storageOpts, subjectVersion: '' }
|
||||
|
||||
await createAttestation(subjects, TEST_PREDICATE, opts)
|
||||
|
||||
expect(mockCreateStorageRecord).toHaveBeenCalledWith(
|
||||
expect.objectContaining({ version: undefined }),
|
||||
expect.anything(),
|
||||
expect.anything()
|
||||
)
|
||||
})
|
||||
|
||||
it('should skip storage record when owner is User', async () => {
|
||||
mockGetOctokit.mockReturnValue(createOctokitMock('User'))
|
||||
const subjects = [TEST_SUBJECT_WITH_REGISTRY]
|
||||
|
||||
@@ -101,6 +101,7 @@ const defaultInputs: RunInputs = {
|
||||
subjectChecksums: '',
|
||||
pushToRegistry: false,
|
||||
createStorageRecord: false,
|
||||
subjectVersion: '',
|
||||
showSummary: false,
|
||||
githubToken: 'test-token',
|
||||
privateSigning: false
|
||||
|
||||
@@ -30,6 +30,11 @@ inputs:
|
||||
attestation. Must specify exactly one of "subject-path", "subject-digest",
|
||||
or "subject-checksums".
|
||||
required: false
|
||||
subject-version:
|
||||
description: >
|
||||
Version of the subject for the attestation. Only used when
|
||||
"push-to-registry" and "create-storage-record" are both set to true.
|
||||
required: false
|
||||
sbom-path:
|
||||
description: >
|
||||
Path to the JSON-formatted SBOM file (SPDX or CycloneDX) to attest.
|
||||
|
||||
+2
@@ -297,3 +297,5 @@ const pMapSkip = Symbol('skip');
|
||||
/***/ })
|
||||
|
||||
};
|
||||
|
||||
//# sourceMappingURL=606.index.js.map
|
||||
+1
File diff suppressed because one or more lines are too long
+14
-121224
File diff suppressed because one or more lines are too long
+1
File diff suppressed because one or more lines are too long
+1
File diff suppressed because one or more lines are too long
Generated
+6
-6
@@ -1,15 +1,15 @@
|
||||
{
|
||||
"name": "actions/attest",
|
||||
"version": "4.0.0",
|
||||
"version": "4.1.0",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "actions/attest",
|
||||
"version": "4.0.0",
|
||||
"version": "4.1.0",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/attest": "^3.0.0",
|
||||
"@actions/attest": "^3.2.0",
|
||||
"@actions/core": "^3.0.0",
|
||||
"@actions/github": "^9.0.0",
|
||||
"@actions/glob": "^0.6.1",
|
||||
@@ -42,9 +42,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@actions/attest": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.0.0.tgz",
|
||||
"integrity": "sha512-XrGmxFA3rZO4ACtVEUHFUI318lMycHQjHep3SX/AqU8IwR0y9afw8URsGrQZhGqwMDTYxYFST9PaNQCksIyE8A==",
|
||||
"version": "3.2.0",
|
||||
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.2.0.tgz",
|
||||
"integrity": "sha512-Mdpqfyfp4dp7VZt9lVBmQTlnpK0PBrIXSblzeseP4w6Gn4Bbl5bpScJ+8zgwOMfTz1049wPzSUda5XtTYIZloQ==",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^3.0.0",
|
||||
|
||||
+3
-3
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "actions/attest",
|
||||
"description": "Generate signed attestations for workflow artifacts",
|
||||
"version": "4.0.0",
|
||||
"version": "4.1.0",
|
||||
"author": "",
|
||||
"private": true,
|
||||
"type": "module",
|
||||
@@ -31,7 +31,7 @@
|
||||
"lint:eslint": "npx eslint",
|
||||
"lint:markdown": "npx markdownlint --config .markdown-lint.yml \"*.md\"",
|
||||
"lint": "npm run lint:eslint && npm run lint:markdown",
|
||||
"package": "ncc build src/index.ts --license licenses.txt",
|
||||
"package": "ncc build src/index.ts --license licenses.txt --minify --source-map",
|
||||
"package:watch": "npm run package -- --watch",
|
||||
"test": "NODE_OPTIONS='--experimental-vm-modules' jest",
|
||||
"all": "npm run format:write && npm run lint && npm run test && npm run package"
|
||||
@@ -78,7 +78,7 @@
|
||||
]
|
||||
},
|
||||
"dependencies": {
|
||||
"@actions/attest": "^3.0.0",
|
||||
"@actions/attest": "^3.2.0",
|
||||
"@actions/core": "^3.0.0",
|
||||
"@actions/github": "^9.0.0",
|
||||
"@actions/glob": "^0.6.1",
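Review bot: Adding `--minify --source-map` to the `package` script turns the committed bundle into a few very long lines, so changes to the code the runner actually executes can no longer be read in review; the forge already reports the dist diffs on this page as suppressed. For an action that signs attestations, that leaves the shipped artifact checkable only by rebuilding it. If minification stays, a CI job that runs `npm run package` on a clean checkout and fails when the output differs from the committed dist would restore that check; if such a job already exists outside this diff, the description should say so.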
|
||||
|
||||
+3
-1
@@ -26,6 +26,7 @@ export const createAttestation = async (
|
||||
sigstoreInstance: SigstoreInstance
|
||||
pushToRegistry: boolean
|
||||
createStorageRecord: boolean
|
||||
subjectVersion?: string
|
||||
githubToken: string
|
||||
}
|
||||
): Promise<AttestResult> => {
|
||||
@@ -77,7 +78,8 @@ export const createAttestation = async (
|
||||
const registryUrl = getRegistryURL(subject.name)
|
||||
const artifactOpts = {
|
||||
name: subject.name,
|
||||
digest: subjectDigest
|
||||
digest: subjectDigest,
|
||||
version: opts.subjectVersion || undefined
|
||||
}
|
||||
const packageRegistryOpts = {
|
||||
registryUrl
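Review bot: `version: opts.subjectVersion || undefined` forwards the workflow-supplied string into `artifactOpts` with no check on its length or shape, and nothing visible in this hunk relates it to `subjectDigest`. The value is therefore a caller-asserted label, and a comment on the field such as `// caller-supplied label, not verified against the digest` would stop later readers from treating it as verified. Bounding the input before the call, for example rejecting values over a fixed length or containing control characters, would keep malformed input out of the storage record. The body of `createAttestation` continues outside the hunk, so such a check may already exist elsewhere.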
|
||||
|
||||
@@ -15,6 +15,7 @@ const inputs: RunInputs = {
|
||||
predicatePath: core.getInput('predicate-path'),
|
||||
pushToRegistry: core.getBooleanInput('push-to-registry'),
|
||||
createStorageRecord: core.getBooleanInput('create-storage-record'),
|
||||
subjectVersion: core.getInput('subject-version'),
|
||||
showSummary: core.getBooleanInput('show-summary'),
|
||||
githubToken: core.getInput('github-token'),
|
||||
// undocumented -- not part of public interface
|
||||
|
||||
@@ -35,6 +35,7 @@ export type RunInputs = SubjectInputs &
|
||||
SBOMInputs & {
|
||||
pushToRegistry: boolean
|
||||
createStorageRecord: boolean
|
||||
subjectVersion: string
|
||||
githubToken: string
|
||||
showSummary: boolean
|
||||
privateSigning: boolean
|
||||
@@ -97,6 +98,7 @@ export async function run(inputs: RunInputs): Promise<void> {
|
||||
sigstoreInstance,
|
||||
pushToRegistry: inputs.pushToRegistry,
|
||||
createStorageRecord: inputs.createStorageRecord,
|
||||
subjectVersion: inputs.subjectVersion,
|
||||
githubToken: inputs.githubToken
|
||||
})
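Review bot: `subjectVersion: inputs.subjectVersion` is passed through unconditionally, while the action metadata says the input is only used when `push-to-registry` and `create-storage-record` are both true; in any other configuration a supplied version appears to be dropped with no signal to the workflow author. A warning before the call would make that visible, for example `if (inputs.subjectVersion && !(inputs.pushToRegistry && inputs.createStorageRecord)) core.warning('subject-version is ignored unless push-to-registry and create-storage-record are both true')`, assuming `core` is imported in this file. `run` starts and ends outside the hunk.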
|
||||
|
||||
|
||||