106 Commits

Author SHA1 Message Date
Jonathan Tamsut 42b0077729 resolve merge conflicts 2024-04-23 11:15:38 -07:00
Brian DeHamer d82fd09f99 Merge pull request #1714 from actions/bdehamer/attest-no-make-fetch-happen
(@actions/attest) remove dep on make-fetch-happen
2024-04-23 10:39:57 -07:00
Brian DeHamer 2961d73391 remove dep on make-fetch-happen
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-23 09:39:17 -07:00
Rob Herley eb1cb3649c Merge pull request #1721 from actions/robherley/retry-502-invalid-body
artifact client: retry on non-JSON response
2024-04-19 14:02:46 -04:00
Rob Herley b384fe17ba bump pkg version + release notes 2024-04-19 15:08:30 +00:00
Rob Herley ccb1df45d1 artifact client: retry on non-JSON response 2024-04-19 14:03:47 +00:00
eggyhead 5a736647a1 Merge pull request #1712 from actions/vmjoseph/update-archiver
Upgrading `upload-artifact` and `download-artifact` archiver package
2024-04-15 13:03:10 -07:00
Vallie Joseph 918b468a41 replacing writeFile with writeFileSync 2024-04-15 16:57:28 +00:00
Vallie Joseph 234761dc05 replacing writeFile with writeFileSync 2024-04-15 16:51:30 +00:00
Vallie Joseph fa1cb5d153 correcting imports 2024-04-15 16:49:47 +00:00
Vallie Joseph e998cf1216 cleaning up tests 2024-04-15 16:32:31 +00:00
Vallie Joseph 2bbbf928ae re-adding minor ver for now 2024-04-15 16:20:24 +00:00
Vallie Joseph fa06a1eadf removing minor ver for now 2024-04-15 16:18:41 +00:00
Vallie Joseph 5eea9e34e7 cleaning up comments and removing clear timeout outside of finaly 2024-04-15 16:08:45 +00:00
Vallie Joseph 75b5e5376d updating artifact version 2024-04-15 15:32:08 +00:00
Vallie Joseph be507421b1 . 2024-04-15 15:24:57 +00:00
Vallie Joseph 5d943d4b7f Rever http 2024-04-15 12:59:58 +00:00
Vallie Joseph 67951b1f2b Merge branch 'main' into vmjoseph/update-archiver 2024-04-15 12:18:10 +00:00
Vallie Joseph 4fb4c6ed94 Merge branch 'eggyhead/fix-tar-ddos-vuln' into vmjoseph/update-archiver 2024-04-12 20:31:55 +00:00
Vallie Joseph 222733049e . 2024-04-09 21:22:40 +00:00
Vallie Joseph fa9db3c8fa wrapping timeout in try catch 2024-04-09 21:18:30 +00:00
Vallie Joseph 18a8a22c65 updating upload try catch to always call cleartimeout 2024-04-09 21:05:58 +00:00
Vallie Joseph 425f05e29d moving timer outside of uploadZipToBlobStorage 2024-04-09 21:04:29 +00:00
Vallie Joseph 90fca23920 replacing timeout 2024-04-09 20:51:12 +00:00
Vallie Joseph 0d3d3bbb40 Adding missing progress time 2024-04-09 20:40:08 +00:00
Vallie Joseph 98ce947a6c updating timeout 2024-04-09 19:38:57 +00:00
Vallie Joseph 2ed9516172 updating timeout 2024-04-09 19:24:52 +00:00
Vallie Joseph 4fc93ec115 . 2024-04-09 19:01:54 +00:00
Vallie Joseph 61d6acdeb1 updating test 2024-04-09 18:52:19 +00:00
Vallie Joseph f98ccd1e39 updating tests 2024-04-09 18:21:41 +00:00
Vallie Joseph 7f0a981b2e Revert http 2024-04-09 18:09:34 +00:00
Vallie Joseph 2e7a11c409 upgrading archiver package along with chunk timeout 2024-04-09 18:02:48 +00:00
Vallie Joseph bcaba45bb9 reverting http update 2024-04-08 18:24:09 +00:00
Vallie Joseph da5e926162 removing promise wrap 2024-04-08 17:39:15 +00:00
Vallie Joseph 6e1d7543c4 updating tests 2024-04-08 17:21:24 +00:00
Vallie Joseph 67c383759c updating errors 2024-04-08 15:43:51 +00:00
Vallie Joseph 4f54b861cf updating errors 2024-04-08 15:40:32 +00:00
Vallie Joseph e7f45861f6 Merge branch 'main' into vmjoseph/node-js-monitor 2024-04-08 15:31:14 +00:00
Vallie Joseph ce603525f8 adding asysnc zip entry logic handling 2024-04-08 15:27:00 +00:00
Vallie Joseph 38f54e9d73 Adding debug statement for upload 2024-04-02 05:39:02 +00:00
Vallie Joseph c5f3463c0b adding more descriptive error 2024-04-02 05:25:10 +00:00
Vallie Joseph 96ef8d5d33 adding more error handling 2024-04-01 20:21:01 +00:00
Vallie Joseph 84d3cef541 Removing extra logs 2024-04-01 20:14:07 +00:00
Vallie Joseph a926fff385 adding queue back 2024-04-01 20:04:49 +00:00
Vallie Joseph a2a8a724c2 test queue 2024-04-01 20:01:19 +00:00
Vallie Joseph a8fa53b609 test async eachof 2024-04-01 19:57:11 +00:00
Vallie Joseph 23039a4345 adding asnyc handler back 2024-04-01 16:57:50 +00:00
Vallie Joseph 4778aebf5b adding asnyc handler back 2024-04-01 16:54:55 +00:00
Vallie Joseph 6eff4e928d adding more debug statements 2024-04-01 15:15:28 +00:00
Vallie Joseph 2c4f0f555e adding error checks 2024-04-01 15:07:28 +00:00
Vallie Joseph dea3595881 re-adding archiver for download 2024-04-01 14:33:36 +00:00
Vallie Joseph 4c878a66e7 adding back archiver 2024-04-01 14:30:14 +00:00
Vallie Joseph 2f2738e4ae removing old packages 2024-04-01 14:01:29 +00:00
Vallie Joseph 2d065559f7 Merge branch 'main' into vmjoseph/node-js-monitor 2024-04-01 13:59:46 +00:00
Vallie Joseph 2da528819c cleanup 2024-04-01 13:58:57 +00:00
Vallie Joseph 90ee020ccd cleaning up debug statements 2024-04-01 13:52:01 +00:00
Vallie Joseph c14e304555 adding more debugging statements 2024-03-28 21:17:54 +00:00
Vallie Joseph a2852cee6f adding catch to upload zip 2024-03-28 21:12:51 +00:00
Vallie Joseph 6d94ad125b Removing uneeded libs 2024-03-28 20:38:01 +00:00
Vallie Joseph d02a834fe3 Remove other debug statements 2024-03-28 20:12:52 +00:00
Vallie Joseph 0f23ae1184 re-adding old async/await pattern 2024-03-28 20:05:16 +00:00
Vallie Joseph 5288db3953 removing debugging statements 2024-03-28 19:57:01 +00:00
Vallie Joseph bc893bf1b4 adding compression level back 2024-03-28 19:48:15 +00:00
Vallie Joseph 9322468ef0 Adding pipe back 2024-03-28 19:32:40 +00:00
Vallie Joseph b6c87ceea7 Adding more error handlrs 2024-03-28 19:22:29 +00:00
Vallie Joseph 17c4cab8b2 adding constant zlib compression level 2024-03-28 19:16:10 +00:00
Vallie Joseph 59593338a6 defaulting compression level 2024-03-28 19:15:10 +00:00
Vallie Joseph 0a0e70d1cd Add another catch to see if upload stream is failing 2024-03-28 19:09:53 +00:00
Vallie Joseph c9e825e841 add blob client property check 2024-03-28 19:06:47 +00:00
Vallie Joseph 31a6086649 Adding concurrency and upload response logs 2024-03-28 18:59:41 +00:00
Vallie Joseph d2d69999e3 adding write check 2024-03-28 18:53:15 +00:00
Vallie Joseph 6ac9cbfda9 check if upload and zipload streams are writable 2024-03-28 18:51:00 +00:00
Vallie Joseph d597cf234f adding upload stream check 2024-03-28 18:46:31 +00:00
Vallie Joseph a768aa30c7 adding more logging 2024-03-28 18:43:58 +00:00
Vallie Joseph e4c0440c3a adding more logging 2024-03-28 18:40:37 +00:00
Vallie Joseph 26b62e0fd5 adding more logging 2024-03-28 18:38:52 +00:00
Vallie Joseph 73f526b642 adding closed check 2024-03-28 18:36:40 +00:00
Vallie Joseph 077846ed34 adding readable check 2024-03-28 18:34:07 +00:00
Vallie Joseph 180b75bf01 wrap promises in chain 2024-03-28 18:29:20 +00:00
Vallie Joseph f33a3f4748 Remove finalize 2024-03-28 18:14:40 +00:00
Vallie Joseph 97e4fcfcd5 wait on write stream 2024-03-28 18:07:20 +00:00
Vallie Joseph fe0c0de7db adding lock 2024-03-28 17:53:08 +00:00
Vallie Joseph c7de68f215 updating resolves 2024-03-28 17:48:56 +00:00
Vallie Joseph 66343faec4 add resolve all promises again 2024-03-28 17:43:17 +00:00
Vallie Joseph fd88cbe6df adding check for running 2024-03-28 17:32:01 +00:00
Vallie Joseph bef1fc5f67 adding check for running 2024-03-28 17:30:06 +00:00
Vallie Joseph 18751738a8 update loop for upload 2024-03-28 17:25:01 +00:00
Vallie Joseph b1f55c6942 adding finalize 2024-03-28 17:15:08 +00:00
Vallie Joseph 9299663297 adding promise all 2024-03-28 17:13:32 +00:00
Vallie Joseph 088b9761b4 cleaning up callback methods 2024-03-28 16:15:29 +00:00
Vallie Joseph d97edf7f61 cleaning up warning callack 2024-03-28 16:11:50 +00:00
Vallie Joseph 06482c6da1 adding promise to upload 2024-03-28 16:06:54 +00:00
Vallie Joseph 7441cc7b8b Removing pipe 2024-03-28 15:55:09 +00:00
Vallie Joseph ca87c5e124 testing debug statements 2024-03-28 15:53:03 +00:00
Vallie Joseph 97629b8767 adding archiver back for download 2024-03-28 15:47:34 +00:00
Vallie Joseph 8e29fb2e30 adding default back to zipstream call 2024-03-28 15:44:27 +00:00
Vallie Joseph 560ae4debd updating archive import 2024-03-28 15:41:52 +00:00
Vallie Joseph fda9d58d06 replacing constructor for zipstream with default 2024-03-28 15:28:14 +00:00
Vallie Joseph 6defe19df1 replacing constructor for zipstream 2024-03-28 15:25:37 +00:00
Vallie Joseph 6e4aebbd4e cleaning up unused imports 2024-03-28 15:17:40 +00:00
Vallie Joseph 14eee6f54a updating event handlers 2024-03-28 15:10:34 +00:00
Vallie Joseph e71ddb9e5a updating append and directory zips 2024-03-28 14:44:20 +00:00
Vallie Joseph 13d981a863 Adding buffer and zlib options 2024-03-28 14:32:03 +00:00
Vallie Joseph 4090623397 update debug statement 2024-03-28 04:20:40 +00:00
Vallie Joseph 4617da254f audit fix 2024-03-15 15:01:45 +00:00
Vallie Joseph 1f22f9faf9 adding debug for mac upload testing 2024-03-15 14:53:33 +00:00
18 changed files with 1203 additions and 403 deletions
+18
@@ -9015,6 +9015,24 @@
"node": ">=8"
}
},
"node_modules/jackspeak": {
"version": "2.3.6",
"resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz",
"integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==",
"dev": true,
"dependencies": {
"@isaacs/cliui": "^8.0.2"
},
"engines": {
"node": ">=14"
},
"funding": {
"url": "https://github.com/sponsors/isaacs"
},
"optionalDependencies": {
"@pkgjs/parseargs": "^0.11.0"
}
},
"node_modules/jake": {
"version": "10.8.7",
"resolved": "https://registry.npmjs.org/jake/-/jake-10.8.7.tgz",
+1 -1
@@ -13,7 +13,7 @@
"lint": "eslint packages/**/*.ts",
"lint-fix": "eslint packages/**/*.ts --fix",
"new-package": "scripts/create-package",
"test": "jest --testTimeout 60000"
"test": "jest --testTimeout 70000"
},
"devDependencies": {
"@types/jest": "^29.5.4",
+10 -2
@@ -1,5 +1,13 @@
# @actions/artifact Releases
### 2.1.6
- Will retry on invalid request responses.
### 2.1.5
- Bumped `archiver` dependency to 7.0.1
### 2.1.4
- Adds info-level logging for zip extraction
@@ -11,9 +19,9 @@
### 2.1.2
- Updated the stream extract functionality to use `unzip.Parse()` instead of `unzip.Extract()` for greater control of unzipping artifacts
### 2.1.1
- Updated `isGhes` check to include `.ghe.com` and `.ghe.localhost` as accepted hosts
### 2.1.0
@@ -116,6 +116,54 @@ describe('artifact-http-client', () => {
expect(mockPost).toHaveBeenCalledTimes(2)
})
it('should retry if invalid body response', async () => {
const mockPost = jest
.fn(() => {
const msgSucceeded = new http.IncomingMessage(new net.Socket())
msgSucceeded.statusCode = 200
return {
message: msgSucceeded,
readBody: async () => {
return Promise.resolve(
`{"ok": true, "signedUploadUrl": "http://localhost:8080/upload"}`
)
}
}
})
.mockImplementationOnce(() => {
const msgFailed = new http.IncomingMessage(new net.Socket())
msgFailed.statusCode = 502
msgFailed.statusMessage = 'Bad Gateway'
return {
message: msgFailed,
readBody: async () => {
return Promise.resolve('💥')
}
}
})
const mockHttpClient = (
HttpClient as unknown as jest.Mock
).mockImplementation(() => {
return {
post: mockPost
}
})
const client = internalArtifactTwirpClient(clientOptions)
const artifact = await client.CreateArtifact({
workflowRunBackendId: '1234',
workflowJobRunBackendId: '5678',
name: 'artifact',
version: 4
})
expect(mockHttpClient).toHaveBeenCalledTimes(1)
expect(artifact).toBeDefined()
expect(artifact.ok).toBe(true)
expect(artifact.signedUploadUrl).toBe('http://localhost:8080/upload')
expect(mockPost).toHaveBeenCalledTimes(2)
})
it('should fail if the request fails 5 times', async () => {
const mockPost = jest.fn(() => {
const msgFailed = new http.IncomingMessage(new net.Socket())
@@ -7,11 +7,21 @@ import {Timestamp, ArtifactServiceClientJSON} from '../src/generated'
import * as blobUpload from '../src/internal/upload/blob-upload'
import {uploadArtifact} from '../src/internal/upload/upload-artifact'
import {noopLogs} from './common'
import {FilesNotFoundError} from '../src/internal/shared/errors'
import {
FilesNotFoundError,
InvalidResponseError
} from '../src/internal/shared/errors'
class NodeJSError extends Error {
code: string
constructor(message?: string, code?: string) {
super(message) // Pass the message to the Error constructor
this.code = code || ''
}
}
describe('upload-artifact', () => {
beforeEach(() => {
noopLogs()
// noopLogs()
})
afterEach(() => {
@@ -351,4 +361,102 @@ describe('upload-artifact', () => {
expect(uploadResp).rejects.toThrow()
})
describe('should respond with non-successful callback on different zipstream lifecycle methods', () => {
beforeEach(() => {
noopLogs()
})
afterEach(() => {
jest.restoreAllMocks()
})
it('should handle ENOENT error', async () => {
const mockDate = new Date('2020-01-01')
jest
.spyOn(uploadZipSpecification, 'validateRootDirectory')
.mockReturnValue()
jest
.spyOn(uploadZipSpecification, 'getUploadZipSpecification')
.mockReturnValue([
{
sourcePath: '/home/user/files/plz-upload/file1.txt',
destinationPath: 'file1.txt'
},
{
sourcePath: '/home/user/files/plz-upload/file2.txt',
destinationPath: 'file2.txt'
}
])
const mockZipStream = {
entry: jest.fn((source, data, callback) => {
const err = (new NodeJSError(
"ENOENT: no such file or directory, open '/home/user/files/plz-upload/file1.txt'"
).code = 'ENOENT')
callback(null, err)
}),
pipe: jest.fn(),
on: jest.fn(),
finalize: jest.fn()
}
jest.mock('zip-stream', () => {
return {
default: jest.fn().mockImplementation(() => mockZipStream)
}
})
jest
.spyOn(zip, 'createZipUploadStream')
.mockReturnValue(
Promise.reject(
new NodeJSError(
"ENOENT: no such file or directory, open '/home/user/files/plz-upload/file1.txt'"
)
)
)
jest.spyOn(util, 'getBackendIdsFromToken').mockReturnValue({
workflowRunBackendId: '1234',
workflowJobRunBackendId: '5678'
})
jest
.spyOn(retention, 'getExpiration')
.mockReturnValue(Timestamp.fromDate(mockDate))
jest
.spyOn(ArtifactServiceClientJSON.prototype, 'CreateArtifact')
.mockReturnValue(
Promise.resolve({
ok: true,
signedUploadUrl: 'https://signed-upload-url.com'
})
)
jest.spyOn(blobUpload, 'uploadZipToBlobStorage').mockReturnValue(
Promise.resolve({
uploadSize: 1234,
sha256Hash: 'test-sha256-hash'
})
)
jest
.spyOn(ArtifactServiceClientJSON.prototype, 'FinalizeArtifact')
.mockReturnValue(Promise.resolve({ok: true, artifactId: '1'}))
// ArtifactHttpClient mocks
jest.spyOn(config, 'getRuntimeToken').mockReturnValue('test-token')
jest
.spyOn(config, 'getResultsServiceUrl')
.mockReturnValue('https://test-url.com')
const uploadResp = uploadArtifact(
'test-artifact',
[
'/home/user/files/plz-upload/file1.txt',
'/home/user/files/plz-upload/file2.txt',
'/home/user/files/plz-upload/dir/file3.txt'
],
'/home/user/files/plz-upload'
)
expect(uploadResp).rejects.toThrowError(InvalidResponseError)
})
})
})
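Review bot: The final assertion in 'should handle ENOENT error', `expect(uploadResp).rejects.toThrowError(InvalidResponseError)`, is neither awaited nor returned, so the test can finish before the rejection is checked and would still pass if `uploadArtifact` resolved; it should read `await expect(uploadResp).rejects.toThrowError(InvalidResponseError)`. The `mockZipStream` and `jest.mock('zip-stream', …)` setup looks unused because `createZipUploadStream` is replaced by a spy, and `const err = (new NodeJSError(…).code = 'ENOENT')` assigns the string `'ENOENT'` to `err` rather than the error object. The `// noopLogs()` line in the outer `beforeEach` appears to be a call that was commented out for debugging and should be restored or deleted.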
+868 -149
File diff suppressed because it is too large Load Diff
+4 -3
View File
@@ -1,6 +1,6 @@
{
"name": "@actions/artifact",
"version": "2.1.4",
"version": "2.1.6",
"preview": true,
"description": "Actions artifact lib",
"keywords": [
@@ -50,13 +50,14 @@
"@octokit/request-error": "^5.0.0",
"@protobuf-ts/plugin": "^2.2.3-alpha.1",
"archiver": "^5.3.1",
"async": "^3.2.5",
"crypto": "^1.0.1",
"jwt-decode": "^3.1.2",
"twirp-ts": "^2.5.0",
"unzip-stream": "^0.3.1"
"unzip-stream": "^0.3.1",
"zip-stream": "^6.0.1"
},
"devDependencies": {
"@types/archiver": "^5.3.2",
"@types/unzip-stream": "^0.3.4",
"typedoc": "^0.25.4",
"typedoc-plugin-markdown": "^3.17.1",
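Review bot: The dependency hunk adds `async` and `zip-stream` as runtime dependencies but, as rendered, still lists `"archiver": "^5.3.1"`, while the 2.1.5 release note on this page says `archiver` was bumped to 7.0.1. The branch history also merges a branch named for a tar DoS fix, so it is worth confirming which `archiver` range is intended and that the regenerated lockfile (its diff is suppressed on this page) resolves the patched transitive versions. The `+`/`-` markers are lost in this rendering, so the unchanged status of the `archiver` line is inferred from the +4 -3 count.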
@@ -102,7 +102,6 @@ class ArtifactHttpClient implements Rpc {
} catch (error) {
if (error instanceof SyntaxError) {
debug(`Raw Body: ${rawBody}`)
throw error
}
if (error instanceof UsageError) {
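Review bot: If the one removed line in this hunk is the `throw error` inside the `SyntaxError` branch, as the 7-to-6 line count suggests, that branch now only logs and falls through, which reads like an accident; a comment such as `// non-JSON body: fall through so the request is retried` would record the intent. The `debug` call writes the whole unparsed `rawBody` to the debug log, so truncating it before logging may be worthwhile. The enclosing method starts and ends outside the hunk, so how the fall-through reaches the retry logic is not visible here.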
@@ -24,11 +24,30 @@ export async function uploadZipToBlobStorage(
zipUploadStream: ZipUploadStream
): Promise<BlobUploadResponse> {
let uploadByteCount = 0
let lastProgressTime = Date.now()
let timeoutId: NodeJS.Timeout | undefined
const chunkTimer = (timeout: number): NodeJS.Timeout => {
// clear the previous timeout
if (timeoutId) {
clearTimeout(timeoutId)
}
timeoutId = setTimeout(() => {
const now = Date.now()
// if there's been more than 30 seconds since the
// last progress event, then we'll consider the upload stalled
if (now - lastProgressTime > timeout) {
throw new Error('Upload progress stalled.')
}
}, timeout)
return timeoutId
}
const maxConcurrency = getConcurrency()
const bufferSize = getUploadChunkSize()
const blobClient = new BlobClient(authenticatedUploadURL)
const blockBlobClient = blobClient.getBlockBlobClient()
const timeoutDuration = 300000 // 30 seconds
core.debug(
`Uploading artifact zip to blob storage with maxConcurrency: ${maxConcurrency}, bufferSize: ${bufferSize}`
@@ -37,6 +56,8 @@ export async function uploadZipToBlobStorage(
const uploadCallback = (progress: TransferProgressEvent): void => {
core.info(`Uploaded bytes ${progress.loadedBytes}`)
uploadByteCount = progress.loadedBytes
chunkTimer(timeoutDuration)
lastProgressTime = Date.now()
}
const options: BlockBlobUploadStreamOptions = {
@@ -54,6 +75,8 @@ export async function uploadZipToBlobStorage(
core.info('Beginning upload of artifact content to blob storage')
try {
// Start the chunk timer
timeoutId = chunkTimer(timeoutDuration)
await blockBlobClient.uploadStream(
uploadStream,
bufferSize,
@@ -64,8 +87,12 @@ export async function uploadZipToBlobStorage(
if (NetworkError.isNetworkErrorCode(error?.code)) {
throw new NetworkError(error?.code)
}
throw error
} finally {
// clear the timeout whether or not the upload completes
if (timeoutId) {
clearTimeout(timeoutId)
}
}
core.info('Finished uploading artifact content to blob storage!')
@@ -79,7 +106,6 @@ export async function uploadZipToBlobStorage(
`No data was uploaded to blob storage. Reported upload byte count is 0.`
)
}
return {
uploadSize: uploadByteCount,
sha256Hash
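Review bot: The `throw new Error('Upload progress stalled.')` inside the `setTimeout` callback in `chunkTimer` runs outside the `try` around `uploadStream`, so a stall surfaces as an uncaught exception rather than a rejection of `uploadZipToBlobStorage`, and the in-flight upload is never cancelled. Passing an abort signal to `uploadStream` and aborting it from the timer would let the existing `catch`/`finally` handle a stalled transfer. Separately, `const timeoutDuration = 300000 // 30 seconds` is 300 seconds, so either the value or both "30 seconds" comments need correcting. The function body continues outside the hunks shown.

```typescript
const stallController = new AbortController()
const chunkTimer = (timeout: number): NodeJS.Timeout => {
  if (timeoutId) {
    clearTimeout(timeoutId)
  }
  // abort the transfer instead of throwing from the timer callback
  timeoutId = setTimeout(() => stallController.abort(), timeout)
  return timeoutId
}
// … unchanged: concurrency, buffer size and blob client setup …
const options: BlockBlobUploadStreamOptions = {
  // … unchanged: existing options …
  abortSignal: stallController.signal
```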
@@ -67,18 +67,25 @@ export async function uploadArtifact(
'CreateArtifact: response from backend was not ok'
)
}
// Create the zipupload stream for use in blob upload
const zipUploadStream = await createZipUploadStream(
zipSpecification,
options?.compressionLevel
)
).catch(err => {
throw new InvalidResponseError(
`createZipUploadStream: response from backend was not ok: ${err}`
)
})
// Upload zip to blob storage
const uploadResult = await uploadZipToBlobStorage(
createArtifactResp.signedUploadUrl,
zipUploadStream
)
).catch(err => {
throw new InvalidResponseError(
`uploadZipToBlobStorage: response blob was not ok: ${err}`
)
})
// finalize the artifact
const finalizeArtifactReq: FinalizeArtifactRequest = {
workflowRunBackendId: backendIds.workflowRunBackendId,
@@ -86,15 +93,12 @@ export async function uploadArtifact(
name,
size: uploadResult.uploadSize ? uploadResult.uploadSize.toString() : '0'
}
if (uploadResult.sha256Hash) {
finalizeArtifactReq.hash = StringValue.create({
value: `sha256:${uploadResult.sha256Hash}`
})
}
core.info(`Finalizing artifact upload`)
const finalizeArtifactResp =
await artifactClient.FinalizeArtifact(finalizeArtifactReq)
if (!finalizeArtifactResp.ok) {
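Review bot: The two new `.catch` handlers rewrap every failure as `InvalidResponseError`, which discards the `NetworkError` that `uploadZipToBlobStorage` throws on purpose and labels local zip-creation failures as "response from backend was not ok". Callers that branch on the error class can no longer tell a network fault from a bad backend response, and interpolating `${err}` keeps only the message, not the stack. Consider rethrowing errors that already carry a specific type and wrapping only unknown ones, with wording that names the step that failed. `uploadArtifact` starts and ends outside these hunks.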
+42 -19
@@ -1,6 +1,7 @@
import * as stream from 'stream'
import * as archiver from 'archiver'
import * as ZipStream from 'zip-stream'
import * as core from '@actions/core'
import async from 'async'
import {createReadStream} from 'fs'
import {UploadZipSpecification} from './upload-zip-specification'
import {getUploadChunkSize} from '../shared/config'
@@ -30,31 +31,57 @@ export async function createZipUploadStream(
`Creating Artifact archive with compressionLevel: ${compressionLevel}`
)
const zip = archiver.create('zip', {
highWaterMark: getUploadChunkSize(),
zlib: {level: compressionLevel}
})
const zlibOptions = {
zlib: {
level: compressionLevel,
bufferSize: getUploadChunkSize()
}
}
const zip = new ZipStream.default(zlibOptions)
const bufferSize = getUploadChunkSize()
const zipUploadStream = new ZipUploadStream(bufferSize)
zip.pipe(zipUploadStream)
// register callbacks for various events during the zip lifecycle
zip.on('error', zipErrorCallback)
zip.on('warning', zipWarningCallback)
zip.on('finish', zipFinishCallback)
zip.on('end', zipEndCallback)
for (const file of uploadSpecification) {
const addFileToZip = (
file: UploadZipSpecification,
callback: (error?: Error) => void
): void => {
if (file.sourcePath !== null) {
// Add a normal file to the zip
zip.append(createReadStream(file.sourcePath), {
name: file.destinationPath
})
zip.entry(
createReadStream(file.sourcePath),
{name: file.destinationPath},
(error: unknown) => {
if (error) {
callback(error as Error) // Cast the error object to the Error type
return
}
callback()
}
)
} else {
// Add a directory to the zip
zip.append('', {name: file.destinationPath})
zip.entry('', {name: file.destinationPath}, (error: unknown) => {
if (error) {
callback(error as Error)
return
}
callback()
})
}
}
const bufferSize = getUploadChunkSize()
const zipUploadStream = new ZipUploadStream(bufferSize)
async.eachSeries(uploadSpecification, addFileToZip, (error: unknown) => {
if (error) {
core.error('Failed to add a file to the zip:')
core.info(error.toString()) // Convert error to string
return
}
zip.finalize() // Finalize the archive once all files have been added
})
core.debug(
`Zip write high watermark value ${zipUploadStream.writableHighWaterMark}`
@@ -63,9 +90,6 @@ export async function createZipUploadStream(
`Zip read high watermark value ${zipUploadStream.readableHighWaterMark}`
)
zip.pipe(zipUploadStream)
zip.finalize()
return zipUploadStream
}
@@ -76,7 +100,6 @@ const zipErrorCallback = (error: any): void => {
throw new Error('An error has occurred during zip creation for the artifact')
}
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const zipWarningCallback = (error: any): void => {
if (error.code === 'ENOENT') {
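Review bot: In the `async.eachSeries` completion callback a failed entry is only logged before the `return`, so `zip.finalize()` never runs, `createZipUploadStream` still resolves with `zipUploadStream`, and the consumer is left waiting on a stream that never ends. The failure should be propagated to the stream before returning, for example `zipUploadStream.destroy(error instanceof Error ? error : new Error(String(error)))`, assuming `ZipUploadStream` is a Node stream. The detail line is also logged with `core.info` while the headline uses `core.error`; both belong at error level.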
+1
@@ -5,6 +5,7 @@
- Generate attestations using the v0.3 Sigstore bundle format.
- Bump @sigstore/bundle from 2.2.0 to 2.3.0.
- Bump @sigstore/sign from 2.2.3 to 2.3.0.
- Remove dependency on make-fetch-happen
### 1.1.0
+17 -5
@@ -2,6 +2,7 @@ import * as github from '@actions/github'
import {mockFulcio, mockRekor, mockTSA} from '@sigstore/mock'
import * as jose from 'jose'
import nock from 'nock'
import {MockAgent, setGlobalDispatcher} from 'undici'
import {SIGSTORE_GITHUB, SIGSTORE_PUBLIC_GOOD} from '../src/endpoints'
import {attestProvenance, buildSLSAProvenancePredicate} from '../src/provenance'
@@ -12,6 +13,10 @@ describe('provenance functions', () => {
const jwksPath = '/.well-known/jwks.json'
const tokenPath = '/token'
// MockAgent for mocking @actions/github
const mockAgent = new MockAgent()
setGlobalDispatcher(mockAgent)
const claims = {
iss: issuer,
aud: 'nobody',
@@ -97,9 +102,12 @@ describe('provenance functions', () => {
await mockFulcio({baseURL: fulcioURL, strict: false})
await mockTSA({baseURL: tsaServerURL})
// Mock GH attestations API
nock('https://api.github.com')
.post(/^\/repos\/.*\/.*\/attestations$/)
mockAgent
.get('https://api.github.com')
.intercept({
path: /^\/repos\/.*\/.*\/attestations$/,
method: 'post'
})
.reply(201, {id: attestationID})
})
@@ -159,8 +167,12 @@ describe('provenance functions', () => {
await mockRekor({baseURL: rekorURL})
// Mock GH attestations API
nock('https://api.github.com')
.post(/^\/repos\/.*\/.*\/attestations$/)
mockAgent
.get('https://api.github.com')
.intercept({
path: /^\/repos\/.*\/.*\/attestations$/,
method: 'post'
})
.reply(201, {id: attestationID})
})
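Review bot: `setGlobalDispatcher(mockAgent)` is installed without `mockAgent.disableNetConnect()`, so a request that fails to match an interceptor (wrong path, method, header or body) is sent to the real `https://api.github.com` instead of failing the test. The same applies to the `writeAttestation` tests in the next file, which attach an `authorization` header. Adding `mockAgent.disableNetConnect()` right after `setGlobalDispatcher(mockAgent)` keeps both suites hermetic. An `afterEach` that calls `mockAgent.assertNoPendingInterceptors()` would additionally catch interceptors that were registered but never hit.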
+20 -7
@@ -1,4 +1,4 @@
import nock from 'nock'
import {MockAgent, setGlobalDispatcher} from 'undici'
import {writeAttestation} from '../src/store'
describe('writeAttestation', () => {
@@ -6,6 +6,9 @@ describe('writeAttestation', () => {
const attestation = {foo: 'bar '}
const token = 'token'
const mockAgent = new MockAgent()
setGlobalDispatcher(mockAgent)
beforeEach(() => {
process.env = {
...originalEnv,
@@ -19,9 +22,14 @@ describe('writeAttestation', () => {
describe('when the api call is successful', () => {
beforeEach(() => {
nock('https://api.github.com')
.matchHeader('authorization', `token ${token}`)
.post('/repos/foo/bar/attestations', {bundle: attestation})
mockAgent
.get('https://api.github.com')
.intercept({
path: '/repos/foo/bar/attestations',
method: 'POST',
headers: {authorization: `token ${token}`},
body: JSON.stringify({bundle: attestation})
})
.reply(201, {id: '123'})
})
@@ -32,9 +40,14 @@ describe('writeAttestation', () => {
describe('when the api call fails', () => {
beforeEach(() => {
nock('https://api.github.com')
.matchHeader('authorization', `token ${token}`)
.post('/repos/foo/bar/attestations', {bundle: attestation})
mockAgent
.get('https://api.github.com')
.intercept({
path: '/repos/foo/bar/attestations',
method: 'POST',
headers: {authorization: `token ${token}`},
body: JSON.stringify({bundle: attestation})
})
.reply(500, 'oops')
})
+15 -197
@@ -15,16 +15,15 @@
"@sigstore/bundle": "^2.3.0",
"@sigstore/sign": "^2.3.0",
"jsonwebtoken": "^9.0.2",
"jwks-rsa": "^3.1.0",
"make-fetch-happen": "^13.0.0"
"jwks-rsa": "^3.1.0"
},
"devDependencies": {
"@sigstore/mock": "^0.6.5",
"@sigstore/rekor-types": "^2.0.0",
"@types/jsonwebtoken": "^9.0.6",
"@types/make-fetch-happen": "^10.0.4",
"jose": "^5.2.3",
"nock": "^13.5.1"
"nock": "^13.5.1",
"undici": "^5.28.4"
}
},
"node_modules/@actions/core": {
@@ -530,17 +529,6 @@
"@types/node": "*"
}
},
"node_modules/@types/make-fetch-happen": {
"version": "10.0.4",
"resolved": "https://registry.npmjs.org/@types/make-fetch-happen/-/make-fetch-happen-10.0.4.tgz",
"integrity": "sha512-jKzweQaEMMAi55ehvR1z0JF6aSVQm/h1BXBhPLOJriaeQBctjw5YbpIGs7zAx9dN0Sa2OO5bcXwCkrlgenoPEA==",
"dev": true,
"dependencies": {
"@types/node-fetch": "*",
"@types/retry": "*",
"@types/ssri": "*"
}
},
"node_modules/@types/mime": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
@@ -554,16 +542,6 @@
"undici-types": "~5.26.4"
}
},
"node_modules/@types/node-fetch": {
"version": "2.6.11",
"resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.11.tgz",
"integrity": "sha512-24xFj9R5+rfQJLRyM56qh+wnVSYhyXC2tkoBndtY0U+vubqNsYXGjufB2nn8Q6gt0LrARwL6UBtMCSVCwl4B1g==",
"dev": true,
"dependencies": {
"@types/node": "*",
"form-data": "^4.0.0"
}
},
"node_modules/@types/qs": {
"version": "6.9.14",
"resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.14.tgz",
@@ -574,12 +552,6 @@
"resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
"integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ=="
},
"node_modules/@types/retry": {
"version": "0.12.5",
"resolved": "https://registry.npmjs.org/@types/retry/-/retry-0.12.5.tgz",
"integrity": "sha512-3xSjTp3v03X/lSQLkczaN9UIEwJMoMCA1+Nb5HfbJEQWogdeQIyVtTvxPXDQjZ5zws8rFQfVfRdz03ARihPJgw==",
"dev": true
},
"node_modules/@types/send": {
"version": "0.17.4",
"resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz",
@@ -599,15 +571,6 @@
"@types/node": "*"
}
},
"node_modules/@types/ssri": {
"version": "7.1.5",
"resolved": "https://registry.npmjs.org/@types/ssri/-/ssri-7.1.5.tgz",
"integrity": "sha512-odD/56S3B51liILSk5aXJlnYt99S6Rt9EFDDqGtJM26rKHApHcwyU/UoYHrzKkdkHMAIquGWCuHtQTbes+FRQw==",
"dev": true,
"dependencies": {
"@types/node": "*"
}
},
"node_modules/agent-base": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz",
@@ -667,12 +630,6 @@
"node": ">=12.0.0"
}
},
"node_modules/asynckit": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==",
"dev": true
},
"node_modules/balanced-match": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
@@ -765,18 +722,6 @@
"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
},
"node_modules/combined-stream": {
"version": "1.0.8",
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
"dev": true,
"dependencies": {
"delayed-stream": "~1.0.0"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/cross-spawn": {
"version": "7.0.3",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
@@ -806,15 +751,6 @@
}
}
},
"node_modules/delayed-stream": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==",
"dev": true,
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/deprecation": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/deprecation/-/deprecation-2.3.1.tgz",
@@ -867,20 +803,6 @@
"url": "https://github.com/sponsors/isaacs"
}
},
"node_modules/form-data": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
"dev": true,
"dependencies": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
"mime-types": "^2.1.12"
},
"engines": {
"node": ">= 6"
}
},
"node_modules/fs-minipass": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-3.0.3.tgz",
@@ -1207,27 +1129,6 @@
"node": "^16.14.0 || >=18.0.0"
}
},
"node_modules/mime-db": {
"version": "1.52.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
"integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==",
"dev": true,
"engines": {
"node": ">= 0.6"
}
},
"node_modules/mime-types": {
"version": "2.1.35",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
"integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
"dev": true,
"dependencies": {
"mime-db": "1.52.0"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/minimatch": {
"version": "9.0.3",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
@@ -1743,9 +1644,9 @@
}
},
"node_modules/tar": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/tar/-/tar-6.2.0.tgz",
"integrity": "sha512-/Wo7DcT0u5HUV486xg675HtjNd3BXZ6xDbzsCUZPt5iw8bTQ63bP0Raut3mvro9u+CUyq7YQd8Cx55fsZXxqLQ==",
"version": "6.2.1",
"resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz",
"integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==",
"dependencies": {
"chownr": "^2.0.0",
"fs-minipass": "^2.0.0",
@@ -1821,9 +1722,9 @@
}
},
"node_modules/undici": {
"version": "5.28.3",
"resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
"integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
"version": "5.28.4",
"resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz",
"integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==",
"dependencies": {
"@fastify/busboy": "^2.0.0"
},
@@ -2428,17 +2329,6 @@
"@types/node": "*"
}
},
"@types/make-fetch-happen": {
"version": "10.0.4",
"resolved": "https://registry.npmjs.org/@types/make-fetch-happen/-/make-fetch-happen-10.0.4.tgz",
"integrity": "sha512-jKzweQaEMMAi55ehvR1z0JF6aSVQm/h1BXBhPLOJriaeQBctjw5YbpIGs7zAx9dN0Sa2OO5bcXwCkrlgenoPEA==",
"dev": true,
"requires": {
"@types/node-fetch": "*",
"@types/retry": "*",
"@types/ssri": "*"
}
},
"@types/mime": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
@@ -2452,16 +2342,6 @@
"undici-types": "~5.26.4"
}
},
"@types/node-fetch": {
"version": "2.6.11",
"resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.11.tgz",
"integrity": "sha512-24xFj9R5+rfQJLRyM56qh+wnVSYhyXC2tkoBndtY0U+vubqNsYXGjufB2nn8Q6gt0LrARwL6UBtMCSVCwl4B1g==",
"dev": true,
"requires": {
"@types/node": "*",
"form-data": "^4.0.0"
}
},
"@types/qs": {
"version": "6.9.14",
"resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.14.tgz",
@@ -2472,12 +2352,6 @@
"resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
"integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ=="
},
"@types/retry": {
"version": "0.12.5",
"resolved": "https://registry.npmjs.org/@types/retry/-/retry-0.12.5.tgz",
"integrity": "sha512-3xSjTp3v03X/lSQLkczaN9UIEwJMoMCA1+Nb5HfbJEQWogdeQIyVtTvxPXDQjZ5zws8rFQfVfRdz03ARihPJgw==",
"dev": true
},
"@types/send": {
"version": "0.17.4",
"resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz",
@@ -2497,15 +2371,6 @@
"@types/node": "*"
}
},
"@types/ssri": {
"version": "7.1.5",
"resolved": "https://registry.npmjs.org/@types/ssri/-/ssri-7.1.5.tgz",
"integrity": "sha512-odD/56S3B51liILSk5aXJlnYt99S6Rt9EFDDqGtJM26rKHApHcwyU/UoYHrzKkdkHMAIquGWCuHtQTbes+FRQw==",
"dev": true,
"requires": {
"@types/node": "*"
}
},
"agent-base": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz",
@@ -2544,12 +2409,6 @@
"tslib": "^2.4.0"
}
},
"asynckit": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==",
"dev": true
},
"balanced-match": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
@@ -2627,15 +2486,6 @@
"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
},
"combined-stream": {
"version": "1.0.8",
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
"dev": true,
"requires": {
"delayed-stream": "~1.0.0"
}
},
"cross-spawn": {
"version": "7.0.3",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
@@ -2654,12 +2504,6 @@
"ms": "2.1.2"
}
},
"delayed-stream": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==",
"dev": true
},
"deprecation": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/deprecation/-/deprecation-2.3.1.tgz",
@@ -2706,17 +2550,6 @@
"signal-exit": "^4.0.1"
}
},
"form-data": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
"dev": true,
"requires": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
"mime-types": "^2.1.12"
}
},
"fs-minipass": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-3.0.3.tgz",
@@ -2984,21 +2817,6 @@
"ssri": "^10.0.0"
}
},
"mime-db": {
"version": "1.52.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
"integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==",
"dev": true
},
"mime-types": {
"version": "2.1.35",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
"integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
"dev": true,
"requires": {
"mime-db": "1.52.0"
}
},
"minimatch": {
"version": "9.0.3",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
@@ -3367,9 +3185,9 @@
}
},
"tar": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/tar/-/tar-6.2.0.tgz",
"integrity": "sha512-/Wo7DcT0u5HUV486xg675HtjNd3BXZ6xDbzsCUZPt5iw8bTQ63bP0Raut3mvro9u+CUyq7YQd8Cx55fsZXxqLQ==",
"version": "6.2.1",
"resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz",
"integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==",
"requires": {
"chownr": "^2.0.0",
"fs-minipass": "^2.0.0",
@@ -3433,9 +3251,9 @@
"integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg=="
},
"undici": {
"version": "5.28.3",
"resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
"integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
"version": "5.28.4",
"resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz",
"integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==",
"requires": {
"@fastify/busboy": "^2.0.0"
}
+3 -4
@@ -38,9 +38,9 @@
"@sigstore/mock": "^0.6.5",
"@sigstore/rekor-types": "^2.0.0",
"@types/jsonwebtoken": "^9.0.6",
"@types/make-fetch-happen": "^10.0.4",
"jose": "^5.2.3",
"nock": "^13.5.1"
"nock": "^13.5.1",
"undici": "^5.28.4"
},
"dependencies": {
"@actions/core": "^1.10.1",
@@ -49,7 +49,6 @@
"@sigstore/bundle": "^2.3.0",
"@sigstore/sign": "^2.3.0",
"jsonwebtoken": "^9.0.2",
"jwks-rsa": "^3.1.0",
"make-fetch-happen": "^13.0.0"
"jwks-rsa": "^3.1.0"
}
}
+6 -3
@@ -1,5 +1,4 @@
import * as github from '@actions/github'
import fetch from 'make-fetch-happen'
const CREATE_ATTESTATION_REQUEST = 'POST /repos/{owner}/{repo}/attestations'
@@ -14,7 +13,7 @@ export const writeAttestation = async (
attestation: unknown,
token: string
): Promise<string> => {
const octokit = github.getOctokit(token, {request: {fetch}})
const octokit = github.getOctokit(token)
try {
const response = await octokit.request(CREATE_ATTESTATION_REQUEST, {
@@ -23,7 +22,11 @@ export const writeAttestation = async (
data: {bundle: attestation}
})
return response.data?.id
const data =
typeof response.data == 'string'
? JSON.parse(response.data)
: response.data
return data?.id
} catch (err) {
const message = err instanceof Error ? err.message : err
throw new Error(`Failed to persist attestation: ${message}`)
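Review bot: In the last hunk the new `JSON.parse(response.data)` sits inside the same `try` as the request, so a string body that is not valid JSON is rethrown as `Failed to persist attestation: …` even though the awaited POST had already returned; a caller that retries on that message may be repeating a write that went through. The parsed value is also untyped, and `data?.id` evaluates to `undefined` for any body without an `id` while the signature promises `Promise<string>`, so I would check the field before returning, e.g. `if (data?.id == null) throw new Error('attestation response did not include an id')`. The comparison is better written as `typeof response.data === 'string'`, and a one-line comment explaining why the body can arrive as a string now that the custom `fetch` is no longer passed to `getOctokit` would help the next reader. `writeAttestation` begins above this hunk, so its full parameter list and request options are only partly visible here.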
+1 -1
@@ -6,7 +6,7 @@
"packages": {
"": {
"name": "@actions/http-client",
"version": "2.2.0",
"version": "2.2.1",
"license": "MIT",
"dependencies": {
"tunnel": "^0.0.6",