Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 309649c98d | |||
| e36bd1a2fc |
+14
-4
@@ -40,7 +40,15 @@ export const createAttestation = async (
|
||||
|
||||
const result: AttestResult = attestation
|
||||
|
||||
if (subjects.length === 1 && opts.pushToRegistry) {
|
||||
// If there are multiple subjects or if pushToRegistry is false,
|
||||
// return early without pushing the attestation to the registry
|
||||
if (!(subjects.length === 1 && opts.pushToRegistry)) {
|
||||
return result
|
||||
}
|
||||
|
||||
// If we have a single subject and pushToRegistry is true,
|
||||
// push the attestation to the OCI registry
|
||||
// and create a storage record if requested
|
||||
const subject = subjects[0]
|
||||
const credentials = getRegistryCredentials(subject.name)
|
||||
const subjectDigest = formatSubjectDigest(subject)
|
||||
@@ -60,10 +68,14 @@ export const createAttestation = async (
|
||||
// Add the attestation's digest to the result
|
||||
result.attestationDigest = artifact.digest
|
||||
|
||||
// If createStorageRecord is false, return early
|
||||
if (!opts.createStorageRecord) {
|
||||
return result
|
||||
}
|
||||
|
||||
// Because creating a storage record requires the 'artifact-metadata:write'
|
||||
// permission, we wrap this in a try/catch to avoid failing the entire
|
||||
// attestation process if the token does not have the correct permissions.
|
||||
if (opts.createStorageRecord) {
|
||||
try {
|
||||
const token = opts.githubToken
|
||||
const isOrg = await repoOwnerIsOrg(token)
|
||||
@@ -99,8 +111,6 @@ export const createAttestation = async (
|
||||
'Please check that the "artifact-metadata:write" permission has been included'
|
||||
)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return result
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user