Merge pull request #2320 from actions/bdehamer/attest-orchestration-id

custom user-agent string for attestation API reqs
This commit is contained in:
Brian DeHamer
2026-02-25 11:25:53 -08:00
committed by GitHub
4 changed files with 34 additions and 3 deletions
+4
View File
@@ -1,5 +1,9 @@
# @actions/attest Releases
## 3.1.0
- Add support for `ACTIONS_ORCHESTRATION_ID` in user-agent [#2320](https://github.com/actions/toolkit/pull/2320)
## 3.0.0
- **Breaking change**: Package is now ESM-only
+2 -2
View File
@@ -1,6 +1,6 @@
{
"name": "@actions/attest",
"version": "3.0.0",
"version": "3.1.0",
"description": "Actions attestation lib",
"keywords": [
"github",
@@ -36,7 +36,7 @@
},
"scripts": {
"test": "echo \"Error: run tests from root\" && exit 1",
"tsc": "tsc"
"tsc": "tsc && cp src/package-version.cjs lib/"
},
"bugs": {
"url": "https://github.com/actions/toolkit/issues"
+7
View File
@@ -0,0 +1,7 @@
// This file exists as a CommonJS module to read the version from package.json.
// In an ESM package, using `require()` directly in .ts files requires disabling
// ESLint rules and doesn't work reliably across all Node.js versions.
// By keeping this as a .cjs file, we can use require() naturally and export
// the version for the ESM modules to import.
const packageJson = require('../package.json')
module.exports = {version: packageJson.version}
+21 -1
View File
@@ -1,6 +1,7 @@
import * as github from '@actions/github'
import {retry} from '@octokit/plugin-retry'
import {RequestHeaders} from '@octokit/types'
import {version} from './package-version.cjs'
const CREATE_ATTESTATION_REQUEST = 'POST /repos/{owner}/{repo}/attestations'
const DEFAULT_RETRY_COUNT = 5
@@ -24,11 +25,16 @@ export const writeAttestation = async (
const retries = options.retry ?? DEFAULT_RETRY_COUNT
const octokit = github.getOctokit(token, {retry: {retries}}, retry)
const headers = {
'User-Agent': getUserAgent(),
...options.headers
}
try {
const response = await octokit.request(CREATE_ATTESTATION_REQUEST, {
owner: github.context.repo.owner,
repo: github.context.repo.repo,
headers: options.headers,
headers,
bundle: attestation as {
mediaType?: string
verificationMaterial?: {[key: string]: unknown}
@@ -46,3 +52,17 @@ export const writeAttestation = async (
throw new Error(`Failed to persist attestation: ${message}`)
}
}
const getUserAgent = (): string => {
const baseUserAgent = `@actions/attest-${version}`
const orchId = process.env['ACTIONS_ORCHESTRATION_ID']
if (orchId) {
// Sanitize the orchestration ID to ensure it contains only valid characters
// Valid characters: 0-9, a-z, _, -, .
const sanitizedId = orchId.replace(/[^a-z0-9_.-]/gi, '_')
return `${baseUserAgent} actions_orchestration_id/${sanitizedId}`
}
return baseUserAgent
}