Compare commits

...

2 Commits

Author SHA1 Message Date
Meredith Lancaster 309649c98d flip if-else logic for creating storage records to remove nesting
Signed-off-by: Meredith Lancaster <malancas@github.com>
2026-01-26 11:32:34 -08:00
Meredith Lancaster e36bd1a2fc flip if logic for checking attestation upload logic to remove nesting
Signed-off-by: Meredith Lancaster <malancas@github.com>
2026-01-26 11:31:23 -08:00
+14 -4
View File
@@ -40,7 +40,15 @@ export const createAttestation = async (
const result: AttestResult = attestation
if (subjects.length === 1 && opts.pushToRegistry) {
// If there are multiple subjects or if pushToRegistry is false,
// return early without pushing the attestation to the registry
if (!(subjects.length === 1 && opts.pushToRegistry)) {
return result
}
// If we have a single subject and pushToRegistry is true,
// push the attestation to the OCI registry
// and create a storage record if requested
const subject = subjects[0]
const credentials = getRegistryCredentials(subject.name)
const subjectDigest = formatSubjectDigest(subject)
@@ -60,10 +68,14 @@ export const createAttestation = async (
// Add the attestation's digest to the result
result.attestationDigest = artifact.digest
// If createStorageRecord is false, return early
if (!opts.createStorageRecord) {
return result
}
// Because creating a storage record requires the 'artifact-metadata:write'
// permission, we wrap this in a try/catch to avoid failing the entire
// attestation process if the token does not have the correct permissions.
if (opts.createStorageRecord) {
try {
const token = opts.githubToken
const isOrg = await repoOwnerIsOrg(token)
@@ -99,8 +111,6 @@ export const createAttestation = async (
'Please check that the "artifact-metadata:write" permission has been included'
)
}
}
}
return result
}