mirror of https://github.com/actions/toolkit
support for headers param in attest functions
Signed-off-by: Brian DeHamer <bdehamer@github.com>pull/1790/head
Brian DeHamer
parent
50f2977cce
commit
340a1033a5
|
|
@ -63,6 +63,8 @@ export type AttestOptions = {
|
||||||
// Sigstore instance to use for signing. Must be one of "public-good" or
|
// Sigstore instance to use for signing. Must be one of "public-good" or
|
||||||
// "github".
|
// "github".
|
||||||
sigstore?: 'public-good' | 'github'
|
sigstore?: 'public-good' | 'github'
|
||||||
|
// HTTP headers to include in request to attestations API.
|
||||||
|
headers?: {[header: string]: string | number | undefined}
|
||||||
// Whether to skip writing the attestation to the GH attestations API.
|
// Whether to skip writing the attestation to the GH attestations API.
|
||||||
skipWrite?: boolean
|
skipWrite?: boolean
|
||||||
}
|
}
|
||||||
|
|
@ -113,6 +115,8 @@ export type AttestProvenanceOptions = {
|
||||||
// Sigstore instance to use for signing. Must be one of "public-good" or
|
// Sigstore instance to use for signing. Must be one of "public-good" or
|
||||||
// "github".
|
// "github".
|
||||||
sigstore?: 'public-good' | 'github'
|
sigstore?: 'public-good' | 'github'
|
||||||
|
// HTTP headers to include in request to attestations API.
|
||||||
|
headers?: {[header: string]: string | number | undefined}
|
||||||
// Whether to skip writing the attestation to the GH attestations API.
|
// Whether to skip writing the attestation to the GH attestations API.
|
||||||
skipWrite?: boolean
|
skipWrite?: boolean
|
||||||
// Issuer URL responsible for minting the OIDC token from which the
|
// Issuer URL responsible for minting the OIDC token from which the
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,9 @@
|
||||||
# @actions/attest Releases
|
# @actions/attest Releases
|
||||||
|
|
||||||
|
### 1.4.0
|
||||||
|
|
||||||
|
- Add new `headers` parameter to the `attest` and `attestProvenance` functions.
|
||||||
|
|
||||||
### 1.3.1
|
### 1.3.1
|
||||||
|
|
||||||
- Fix bug with proxy support when retrieving JWKS for OIDC issuer
|
- Fix bug with proxy support when retrieving JWKS for OIDC issuer
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@ describe('writeAttestation', () => {
|
||||||
const originalEnv = process.env
|
const originalEnv = process.env
|
||||||
const attestation = {foo: 'bar '}
|
const attestation = {foo: 'bar '}
|
||||||
const token = 'token'
|
const token = 'token'
|
||||||
|
const headers = {'X-GitHub-Foo': 'true'}
|
||||||
|
|
||||||
const mockAgent = new MockAgent()
|
const mockAgent = new MockAgent()
|
||||||
setGlobalDispatcher(mockAgent)
|
setGlobalDispatcher(mockAgent)
|
||||||
|
|
@ -27,14 +28,16 @@ describe('writeAttestation', () => {
|
||||||
.intercept({
|
.intercept({
|
||||||
path: '/repos/foo/bar/attestations',
|
path: '/repos/foo/bar/attestations',
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {authorization: `token ${token}`},
|
headers: {authorization: `token ${token}`, ...headers},
|
||||||
body: JSON.stringify({bundle: attestation})
|
body: JSON.stringify({bundle: attestation})
|
||||||
})
|
})
|
||||||
.reply(201, {id: '123'})
|
.reply(201, {id: '123'})
|
||||||
})
|
})
|
||||||
|
|
||||||
it('persists the attestation', async () => {
|
it('persists the attestation', async () => {
|
||||||
await expect(writeAttestation(attestation, token)).resolves.toEqual('123')
|
await expect(
|
||||||
|
writeAttestation(attestation, token, {headers})
|
||||||
|
).resolves.toEqual('123')
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,12 @@
|
||||||
{
|
{
|
||||||
"name": "@actions/attest",
|
"name": "@actions/attest",
|
||||||
"version": "1.3.1",
|
"version": "1.4.0",
|
||||||
"lockfileVersion": 2,
|
"lockfileVersion": 2,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "@actions/attest",
|
"name": "@actions/attest",
|
||||||
"version": "1.3.1",
|
"version": "1.4.0",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@actions/core": "^1.10.1",
|
"@actions/core": "^1.10.1",
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "@actions/attest",
|
"name": "@actions/attest",
|
||||||
"version": "1.3.1",
|
"version": "1.4.0",
|
||||||
"description": "Actions attestation lib",
|
"description": "Actions attestation lib",
|
||||||
"keywords": [
|
"keywords": [
|
||||||
"github",
|
"github",
|
||||||
|
|
|
||||||
|
|
@ -28,6 +28,8 @@ export type AttestOptions = {
|
||||||
// Sigstore instance to use for signing. Must be one of "public-good" or
|
// Sigstore instance to use for signing. Must be one of "public-good" or
|
||||||
// "github".
|
// "github".
|
||||||
sigstore?: SigstoreInstance
|
sigstore?: SigstoreInstance
|
||||||
|
// HTTP headers to include in request to attestations API.
|
||||||
|
headers?: {[header: string]: string | number | undefined}
|
||||||
// Whether to skip writing the attestation to the GH attestations API.
|
// Whether to skip writing the attestation to the GH attestations API.
|
||||||
skipWrite?: boolean
|
skipWrite?: boolean
|
||||||
}
|
}
|
||||||
|
|
@ -61,7 +63,11 @@ export async function attest(options: AttestOptions): Promise<Attestation> {
|
||||||
// Store the attestation
|
// Store the attestation
|
||||||
let attestationID: string | undefined
|
let attestationID: string | undefined
|
||||||
if (options.skipWrite !== true) {
|
if (options.skipWrite !== true) {
|
||||||
attestationID = await writeAttestation(bundleToJSON(bundle), options.token)
|
attestationID = await writeAttestation(
|
||||||
|
bundleToJSON(bundle),
|
||||||
|
options.token,
|
||||||
|
{headers: options.headers}
|
||||||
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
return toAttestation(bundle, attestationID)
|
return toAttestation(bundle, attestationID)
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,13 @@
|
||||||
import * as github from '@actions/github'
|
import * as github from '@actions/github'
|
||||||
import {retry} from '@octokit/plugin-retry'
|
import {retry} from '@octokit/plugin-retry'
|
||||||
|
import {RequestHeaders} from '@octokit/types'
|
||||||
|
|
||||||
const CREATE_ATTESTATION_REQUEST = 'POST /repos/{owner}/{repo}/attestations'
|
const CREATE_ATTESTATION_REQUEST = 'POST /repos/{owner}/{repo}/attestations'
|
||||||
const DEFAULT_RETRY_COUNT = 5
|
const DEFAULT_RETRY_COUNT = 5
|
||||||
|
|
||||||
export type WriteOptions = {
|
export type WriteOptions = {
|
||||||
retry?: number
|
retry?: number
|
||||||
|
headers?: RequestHeaders
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Writes an attestation to the repository's attestations endpoint.
|
* Writes an attestation to the repository's attestations endpoint.
|
||||||
|
|
@ -26,6 +28,7 @@ export const writeAttestation = async (
|
||||||
const response = await octokit.request(CREATE_ATTESTATION_REQUEST, {
|
const response = await octokit.request(CREATE_ATTESTATION_REQUEST, {
|
||||||
owner: github.context.repo.owner,
|
owner: github.context.repo.owner,
|
||||||
repo: github.context.repo.repo,
|
repo: github.context.repo.repo,
|
||||||
|
headers: options.headers,
|
||||||
data: {bundle: attestation}
|
data: {bundle: attestation}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue