Compare commits
2 Commits
v2
..
bdehamer/del
| Author | SHA1 | Date | |
|---|---|---|---|
| 700b0a9962 | |||
| f41311b4cd |
@@ -38,7 +38,7 @@ jobs:
|
||||
|
||||
- name: Lint Codebase
|
||||
id: super-linter
|
||||
uses: super-linter/super-linter/slim@v7.4.0
|
||||
uses: super-linter/super-linter/slim@v7
|
||||
env:
|
||||
DEFAULT_BRANCH: main
|
||||
FILTER_REGEX_EXCLUDE: dist/**/*
|
||||
@@ -47,8 +47,4 @@ jobs:
|
||||
VALIDATE_ALL_CODEBASE: true
|
||||
VALIDATE_JAVASCRIPT_STANDARD: false
|
||||
VALIDATE_TYPESCRIPT_STANDARD: false
|
||||
VALIDATE_TYPESCRIPT_ES: false
|
||||
VALIDATE_JSCPD: false
|
||||
|
||||
- name: Run eslint
|
||||
run: npm run lint:eslint
|
||||
|
||||
@@ -18,12 +18,6 @@ Once the attestation has been created and signed, it will be uploaded to the GH
|
||||
attestations API and associated with the repository from which the workflow was
|
||||
initiated.
|
||||
|
||||
When an attestation is created, the attestation is stored on the local
|
||||
filesystem used by the runner. For each attestation created, the filesystem path
|
||||
will be appended to the file `${RUNNER_TEMP}/created_attestation_paths.txt`.
|
||||
This can be used to gather all attestations created by all jobs during a the
|
||||
workflow.
|
||||
|
||||
Attestations can be verified using the [`attestation` command in the GitHub
|
||||
CLI][5].
|
||||
|
||||
@@ -71,7 +65,7 @@ attest:
|
||||
The `subject-path` parameter should identify the artifact for which you want
|
||||
to generate an attestation. The `predicate-type` can be any of the the
|
||||
[vetted predicate types][3] or a custom value. The `predicate-path`
|
||||
identifies a file containing the JSON-encoded predicate parameters.
|
||||
identifies a file containg the JSON-encoded predicate parameters.
|
||||
|
||||
### Inputs
|
||||
|
||||
|
||||
@@ -99,7 +99,7 @@ describe('subjectFromInputs', () => {
|
||||
})
|
||||
})
|
||||
|
||||
describe('when the algorithm is not supported', () => {
|
||||
describe('when the alogrithm is not supported', () => {
|
||||
it('throws an error', async () => {
|
||||
const inputs: SubjectInputs = {
|
||||
...blankInputs,
|
||||
|
||||
+133
-351
File diff suppressed because it is too large
Load Diff
Generated
+855
-1107
File diff suppressed because it is too large
Load Diff
+15
-15
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "actions/attest",
|
||||
"description": "Generate signed attestations for workflow artifacts",
|
||||
"version": "2.4.0",
|
||||
"version": "2.2.0",
|
||||
"author": "",
|
||||
"private": true,
|
||||
"homepage": "https://github.com/actions/attest",
|
||||
@@ -69,31 +69,31 @@
|
||||
]
|
||||
},
|
||||
"dependencies": {
|
||||
"@actions/attest": "^1.6.0",
|
||||
"@actions/attest": "^1.5.0",
|
||||
"@actions/core": "^1.11.1",
|
||||
"@actions/github": "^6.0.1",
|
||||
"@actions/github": "^6.0.0",
|
||||
"@actions/glob": "^0.5.0",
|
||||
"@sigstore/oci": "^0.5.0",
|
||||
"@sigstore/oci": "^0.4.0",
|
||||
"csv-parse": "^5.6.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@eslint/js": "^9.28.0",
|
||||
"@sigstore/mock": "^0.10.0",
|
||||
"@eslint/js": "^9.19.0",
|
||||
"@sigstore/mock": "^0.9.0",
|
||||
"@types/jest": "^29.5.14",
|
||||
"@types/make-fetch-happen": "^10.0.4",
|
||||
"@types/node": "^22.15.30",
|
||||
"@types/node": "^22.10.10",
|
||||
"@vercel/ncc": "^0.38.3",
|
||||
"eslint": "^9.28.0",
|
||||
"eslint": "^9.19.0",
|
||||
"eslint-plugin-import": "^2.31.0",
|
||||
"eslint-plugin-jest": "^28.13.0",
|
||||
"eslint-plugin-jest": "^28.11.0",
|
||||
"jest": "^29.7.0",
|
||||
"js-yaml": "^4.1.0",
|
||||
"markdownlint-cli": "^0.45.0",
|
||||
"markdownlint-cli": "^0.44.0",
|
||||
"nock": "^13.5.6",
|
||||
"prettier": "^3.5.3",
|
||||
"ts-jest": "^29.3.4",
|
||||
"typescript": "^5.8.3",
|
||||
"typescript-eslint": "^8.34.0",
|
||||
"undici": "^5.29.0"
|
||||
"prettier": "^3.4.2",
|
||||
"ts-jest": "^29.2.5",
|
||||
"typescript": "^5.7.3",
|
||||
"typescript-eslint": "^8.22.0",
|
||||
"undici": "^5.28.5"
|
||||
}
|
||||
}
|
||||
|
||||
+4
-1
@@ -25,9 +25,12 @@ export const createAttestation = async (
|
||||
predicateType: predicate.type,
|
||||
predicate: predicate.params,
|
||||
sigstore: opts.sigstoreInstance,
|
||||
token: opts.githubToken
|
||||
token: opts.githubToken,
|
||||
skipWrite: true
|
||||
})
|
||||
|
||||
console.log(JSON.stringify(attestation.bundle))
|
||||
|
||||
const result: AttestResult = attestation
|
||||
|
||||
if (subjects.length === 1 && opts.pushToRegistry) {
|
||||
|
||||
-15
@@ -16,7 +16,6 @@ import {
|
||||
import type { Subject } from '@actions/attest'
|
||||
|
||||
const ATTESTATION_FILE_NAME = 'attestation.json'
|
||||
const ATTESTATION_PATHS_FILE_NAME = 'created_attestation_paths.txt'
|
||||
|
||||
export type RunInputs = SubjectInputs &
|
||||
PredicateInputs & {
|
||||
@@ -80,20 +79,6 @@ export async function run(inputs: RunInputs): Promise<void> {
|
||||
flag: 'a'
|
||||
})
|
||||
|
||||
const baseDir = process.env.RUNNER_TEMP
|
||||
if (baseDir) {
|
||||
const outputSummaryPath = path.join(baseDir, ATTESTATION_PATHS_FILE_NAME)
|
||||
// Append the output path to the attestations paths file
|
||||
fs.appendFileSync(outputSummaryPath, outputPath + os.EOL, {
|
||||
encoding: 'utf-8',
|
||||
flag: 'a'
|
||||
})
|
||||
} else {
|
||||
core.warning(
|
||||
'RUNNER_TEMP environment variable is not set. Cannot write attestation paths file.'
|
||||
)
|
||||
}
|
||||
|
||||
if (att.attestationID) {
|
||||
core.setOutput('attestation-id', att.attestationID)
|
||||
core.setOutput('attestation-url', attestationURL(att.attestationID))
|
||||
|
||||
+13
-4
@@ -189,10 +189,17 @@ const getSubjectFromChecksumsString = (checksums: string): Subject[] => {
|
||||
throw new Error(`Invalid digest: ${digest}`)
|
||||
}
|
||||
|
||||
subjects.push({
|
||||
name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
})
|
||||
if (digestAlgorithm(digest) === 'sha1') {
|
||||
subjects.push({
|
||||
uri: name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
} as any)
|
||||
} else {
|
||||
subjects.push({
|
||||
name,
|
||||
digest: { [digestAlgorithm(digest)]: digest }
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
return subjects
|
||||
@@ -233,6 +240,8 @@ const parseSubjectPathList = (input: string): string[] => {
|
||||
|
||||
const digestAlgorithm = (digest: string): string => {
|
||||
switch (digest.length) {
|
||||
case 40:
|
||||
return 'sha1'
|
||||
case 64:
|
||||
return 'sha256'
|
||||
case 128:
|
||||
|
||||
Reference in New Issue
Block a user