Compare commits

...

4 Commits

Author SHA1 Message Date
Brian DeHamer 69989a9c31 minify dist
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2026-02-26 12:56:34 -08:00
Brian DeHamer ec072a1cb2 add new subject-version input (#364)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2026-02-26 12:38:12 -08:00
Brian DeHamer 8b290b8d86 bump @actions/attest from 3.1.0 to 3.2.0 (#365)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2026-02-26 12:36:53 -08:00
Brian DeHamer 35cfe2422e bump @actions/attest from 3.0.0 to 3.1.0 (#362)
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2026-02-25 16:03:18 -08:00
14 changed files with 62 additions and 121236 deletions
+2
View File
@@ -30,6 +30,7 @@ describe('index', () => {
'subject-name': 'my-artifact',
'subject-digest': '',
'subject-checksums': '',
'subject-version': '',
'predicate-type': 'https://example.com/predicate',
predicate: '{}',
'predicate-path': '',
@@ -57,6 +58,7 @@ describe('index', () => {
subjectName: 'my-artifact',
subjectDigest: '',
subjectChecksums: '',
subjectVersion: '',
predicateType: 'https://example.com/predicate',
predicate: '{}',
predicatePath: '',
+20 -2
View File
@@ -145,7 +145,8 @@ describe('createAttestation', () => {
const storageOpts = {
...defaultOpts,
pushToRegistry: true,
createStorageRecord: true
createStorageRecord: true,
subjectVersion: '1.2.3'
}
it('should create storage record when enabled and owner is org', async () => {
@@ -157,10 +158,27 @@ describe('createAttestation', () => {
storageOpts
)
expect(mockCreateStorageRecord).toHaveBeenCalled()
expect(mockCreateStorageRecord).toHaveBeenCalledWith(
expect.objectContaining({ version: '1.2.3' }),
expect.anything(),
expect.anything()
)
expect(result.storageRecordIds).toEqual([12345])
})
it('should omit version from storage record when subjectVersion is empty', async () => {
const subjects = [TEST_SUBJECT_WITH_REGISTRY]
const opts = { ...storageOpts, subjectVersion: '' }
await createAttestation(subjects, TEST_PREDICATE, opts)
expect(mockCreateStorageRecord).toHaveBeenCalledWith(
expect.objectContaining({ version: undefined }),
expect.anything(),
expect.anything()
)
})
it('should skip storage record when owner is User', async () => {
mockGetOctokit.mockReturnValue(createOctokitMock('User'))
const subjects = [TEST_SUBJECT_WITH_REGISTRY]
+1
View File
@@ -101,6 +101,7 @@ const defaultInputs: RunInputs = {
subjectChecksums: '',
pushToRegistry: false,
createStorageRecord: false,
subjectVersion: '',
showSummary: false,
githubToken: 'test-token',
privateSigning: false
+5
View File
@@ -30,6 +30,11 @@ inputs:
attestation. Must specify exactly one of "subject-path", "subject-digest",
or "subject-checksums".
required: false
subject-version:
description: >
Version of the subject for the attestation. Only used when
"push-to-registry" and "create-storage-record" are both set to true.
required: false
sbom-path:
description: >
Path to the JSON-formatted SBOM file (SPDX or CycloneDX) to attest.
Generated Vendored
+2
View File
@@ -297,3 +297,5 @@ const pMapSkip = Symbol('skip');
/***/ })
};
//# sourceMappingURL=606.index.js.map
Generated Vendored
+1
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+14 -121224
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+1
View File
File diff suppressed because one or more lines are too long
+1
View File
File diff suppressed because one or more lines are too long
+6 -6
View File
@@ -1,15 +1,15 @@
{
"name": "actions/attest",
"version": "4.0.0",
"version": "4.1.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "actions/attest",
"version": "4.0.0",
"version": "4.1.0",
"license": "MIT",
"dependencies": {
"@actions/attest": "^3.0.0",
"@actions/attest": "^3.2.0",
"@actions/core": "^3.0.0",
"@actions/github": "^9.0.0",
"@actions/glob": "^0.6.1",
@@ -42,9 +42,9 @@
}
},
"node_modules/@actions/attest": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.0.0.tgz",
"integrity": "sha512-XrGmxFA3rZO4ACtVEUHFUI318lMycHQjHep3SX/AqU8IwR0y9afw8URsGrQZhGqwMDTYxYFST9PaNQCksIyE8A==",
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.2.0.tgz",
"integrity": "sha512-Mdpqfyfp4dp7VZt9lVBmQTlnpK0PBrIXSblzeseP4w6Gn4Bbl5bpScJ+8zgwOMfTz1049wPzSUda5XtTYIZloQ==",
"license": "MIT",
"dependencies": {
"@actions/core": "^3.0.0",
+3 -3
View File
@@ -1,7 +1,7 @@
{
"name": "actions/attest",
"description": "Generate signed attestations for workflow artifacts",
"version": "4.0.0",
"version": "4.1.0",
"author": "",
"private": true,
"type": "module",
@@ -31,7 +31,7 @@
"lint:eslint": "npx eslint",
"lint:markdown": "npx markdownlint --config .markdown-lint.yml \"*.md\"",
"lint": "npm run lint:eslint && npm run lint:markdown",
"package": "ncc build src/index.ts --license licenses.txt",
"package": "ncc build src/index.ts --license licenses.txt --minify --source-map",
"package:watch": "npm run package -- --watch",
"test": "NODE_OPTIONS='--experimental-vm-modules' jest",
"all": "npm run format:write && npm run lint && npm run test && npm run package"
@@ -78,7 +78,7 @@
]
},
"dependencies": {
"@actions/attest": "^3.0.0",
"@actions/attest": "^3.2.0",
"@actions/core": "^3.0.0",
"@actions/github": "^9.0.0",
"@actions/glob": "^0.6.1",
+3 -1
View File
@@ -26,6 +26,7 @@ export const createAttestation = async (
sigstoreInstance: SigstoreInstance
pushToRegistry: boolean
createStorageRecord: boolean
subjectVersion?: string
githubToken: string
}
): Promise<AttestResult> => {
@@ -77,7 +78,8 @@ export const createAttestation = async (
const registryUrl = getRegistryURL(subject.name)
const artifactOpts = {
name: subject.name,
digest: subjectDigest
digest: subjectDigest,
version: opts.subjectVersion || undefined
}
const packageRegistryOpts = {
registryUrl
+1
View File
@@ -15,6 +15,7 @@ const inputs: RunInputs = {
predicatePath: core.getInput('predicate-path'),
pushToRegistry: core.getBooleanInput('push-to-registry'),
createStorageRecord: core.getBooleanInput('create-storage-record'),
subjectVersion: core.getInput('subject-version'),
showSummary: core.getBooleanInput('show-summary'),
githubToken: core.getInput('github-token'),
// undocumented -- not part of public interface
+2
View File
@@ -35,6 +35,7 @@ export type RunInputs = SubjectInputs &
SBOMInputs & {
pushToRegistry: boolean
createStorageRecord: boolean
subjectVersion: string
githubToken: string
showSummary: boolean
privateSigning: boolean
@@ -97,6 +98,7 @@ export async function run(inputs: RunInputs): Promise<void> {
sigstoreInstance,
pushToRegistry: inputs.pushToRegistry,
createStorageRecord: inputs.createStorageRecord,
subjectVersion: inputs.subjectVersion,
githubToken: inputs.githubToken
})