attest

Author	SHA1	Message	Date
Brian DeHamer	ec072a1cb2	add new subject-version input (#364 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2026-02-26 12:38:12 -08:00
Brian DeHamer	19ad753d23	test suite re-write (#356 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2026-02-19 10:14:47 -08:00
Brian DeHamer	7d7ff4475a	ESM Conversion (#347 ) * initial esm conversion Signed-off-by: Brian DeHamer <bdehamer@github.com> * esm'ify jest tests Signed-off-by: Brian DeHamer <bdehamer@github.com> * lint issues Signed-off-by: Brian DeHamer <bdehamer@github.com> * debug mock Signed-off-by: Brian DeHamer <bdehamer@github.com> * glob updated Signed-off-by: Brian DeHamer <bdehamer@github.com> * async all file functions Signed-off-by: Brian DeHamer <bdehamer@github.com> * update @actions/github Signed-off-by: Brian DeHamer <bdehamer@github.com> * update @actions/attest Signed-off-by: Brian DeHamer <bdehamer@github.com> * rebuild package-lock.json Signed-off-by: Brian DeHamer <bdehamer@github.com> * use experimental flag for jest in ci Signed-off-by: Brian DeHamer <bdehamer@github.com> * remove stray istanbul ignore Signed-off-by: Brian DeHamer <bdehamer@github.com> * Optimize getSubjectFromPath to avoid concurrent stat calls Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Fix boundary condition for MAX_SUBJECT_COUNT check Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Improve error message clarity for subject count limit Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Update test to match new error message format Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> * Fix parseSBOMFromPath to check file size before reading Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Build package with updated changes Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com>	2026-02-18 08:52:30 -08:00
Brian DeHamer	dc4ad3cc6c	Consolidate attestation actions (#346 ) * consolidate attestation actions Signed-off-by: Brian DeHamer <bdehamer@github.com> * better errors Signed-off-by: Brian DeHamer <bdehamer@github.com> * Update src/sbom.ts Co-authored-by: Austin Beattie <ajbeattie@github.com> * clarify dedupe comment Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: Austin Beattie <ajbeattie@github.com>	2026-02-13 11:23:24 -08:00
Meredith Lancaster	20eb46ce7a	Validate repository org-ownership before storage record creation (#328 ) * check if the repository is owned by org before attempting storage record creation Signed-off-by: Meredith Lancaster <malancas@github.com> * linter Signed-off-by: Meredith Lancaster <malancas@github.com> * generate dist Signed-off-by: Meredith Lancaster <malancas@github.com> * add fixtures for repoOwnerIsOrg function Signed-off-by: Meredith Lancaster <malancas@github.com> * formatter Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up fixtures Signed-off-by: Meredith Lancaster <malancas@github.com> * more clean up Signed-off-by: Meredith Lancaster <malancas@github.com> * fix function declaration Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up fixtures Signed-off-by: Meredith Lancaster <malancas@github.com> * add test when repo is not owned by org Signed-off-by: Meredith Lancaster <malancas@github.com> * add more expect statements, clean up mock calls Signed-off-by: Meredith Lancaster <malancas@github.com> * formatter Signed-off-by: Meredith Lancaster <malancas@github.com> * add more spy expect statements Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com>	2026-01-26 08:31:21 -08:00
Meredith Lancaster	7667f588f2	Create Artifact Metadata Storage Record on registry push (#313 ) * first pass at creating storage record Signed-off-by: Meredith Lancaster <malancas@github.com> * include storage record param in action config Signed-off-by: Meredith Lancaster <malancas@github.com> * use latest actions/attest version Signed-off-by: Meredith Lancaster <malancas@github.com> * update storage record params Signed-off-by: Meredith Lancaster <malancas@github.com> * include storage record id in result Signed-off-by: Meredith Lancaster <malancas@github.com> * regenerate dist Signed-off-by: Meredith Lancaster <malancas@github.com> * add documentation on storage records Signed-off-by: Meredith Lancaster <malancas@github.com> * log storage record creation Signed-off-by: Meredith Lancaster <malancas@github.com> * add storage record output Signed-off-by: Meredith Lancaster <malancas@github.com> * add new param Signed-off-by: Meredith Lancaster <malancas@github.com> * add storage record id output Signed-off-by: Meredith Lancaster <malancas@github.com> * fix linter errors Signed-off-by: Meredith Lancaster <malancas@github.com> * return all storage record ids Signed-off-by: Meredith Lancaster <malancas@github.com> * bump minor version Signed-off-by: Meredith Lancaster <malancas@github.com> * use expect string match function Signed-off-by: Meredith Lancaster <malancas@github.com> * add try catch block for storage record creation Signed-off-by: Meredith Lancaster <malancas@github.com> * fix table column spacing Signed-off-by: Meredith Lancaster <malancas@github.com> * check for protocol Signed-off-by: Meredith Lancaster <malancas@github.com> * check for artifact url protocol Signed-off-by: Meredith Lancaster <malancas@github.com> * only fill registry_url for now Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup protocol handling Signed-off-by: Meredith Lancaster <malancas@github.com> * regenerate dist Signed-off-by: Meredith Lancaster <malancas@github.com> * handle subject name correctly Signed-off-by: Meredith Lancaster <malancas@github.com> * move test Signed-off-by: Meredith Lancaster <malancas@github.com> * add back assert statements Signed-off-by: Meredith Lancaster <malancas@github.com> * add back output assert statements Signed-off-by: Meredith Lancaster <malancas@github.com> * Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * use url for subject name parsing Signed-off-by: Meredith Lancaster <malancas@github.com> * add missing test setpu Signed-off-by: Meredith Lancaster <malancas@github.com> * fix storage record fail test Signed-off-by: Meredith Lancaster <malancas@github.com> * regenerate dist Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-12-18 11:30:45 -08:00
Brian DeHamer	daf44fb950	improved checksum parsing (#280 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2025-08-26 16:07:15 -07:00
dependabot[bot]	90924a287f	Bump the npm-development group with 6 updates (#216 ) * Bump the npm-development group with 6 updates Bumps the npm-development group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) \| `9.20.0` \| `9.21.0` \| \| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) \| `22.13.4` \| `22.13.5` \| \| [eslint](https://github.com/eslint/eslint) \| `9.20.1` \| `9.21.0` \| \| [prettier](https://github.com/prettier/prettier) \| `3.5.1` \| `3.5.2` \| \| [ts-jest](https://github.com/kulshekhar/ts-jest) \| `29.2.5` \| `29.2.6` \| \| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) \| `8.24.1` \| `8.25.0` \| Updates `@eslint/js` from 9.20.0 to 9.21.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/commits/v9.21.0/packages/js) Updates `@types/node` from 22.13.4 to 22.13.5 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint` from 9.20.1 to 9.21.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v9.20.1...v9.21.0) Updates `prettier` from 3.5.1 to 3.5.2 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/3.5.1...3.5.2) Updates `ts-jest` from 29.2.5 to 29.2.6 - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.2.5...v29.2.6) Updates `typescript-eslint` from 8.24.1 to 8.25.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.25.0/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@eslint/js" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: ts-jest dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: typescript-eslint dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> * fix typos Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2025-02-25 11:49:37 -08:00
Brian DeHamer	38bcf9b1c5	New subject-checksums input param (#198 ) * new subject-checksums input param Signed-off-by: Brian DeHamer <bdehamer@github.com> * check for valid hex string for digest Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2025-01-21 10:32:02 -08:00
Brian DeHamer	bfa7e6911b	Update eslint from 8.x to 9.x (#185 ) * remove eslint prettier plugins Signed-off-by: Brian DeHamer <bdehamer@github.com> * eslint upgrade Signed-off-by: Brian DeHamer <bdehamer@github.com> * source fixup Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-12-13 15:25:52 -08:00
Brian DeHamer	94d0d43131	add attestation-id and attestation-url outputs (#181 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-12-09 09:56:33 -08:00
Brian DeHamer	65e34a8aa7	deduplicate subjects before adding to statement (#180 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-12-06 07:14:14 -08:00
Brian DeHamer	a2d6fee37e	readme updates for v2 release (#173 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-11-21 12:53:27 -08:00
Brian DeHamer	85e94cb741	support multi-subject attestations (#164 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-11-05 09:16:07 -08:00
Brian DeHamer	97f7cf8914	add show-summary input (#108 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-07-30 11:27:18 -07:00
Brian DeHamer	68a047fd01	bugfix for glob exclude patterns (#100 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-07-09 07:55:19 -07:00
Brian DeHamer	4fa34e85c5	enforce 16MB limit on predicate size (#80 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-03 09:41:25 -07:00
Brian DeHamer	9e752e3d76	batch processing w/ exponential backoff (#79 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-03 07:56:25 -07:00
Brian DeHamer	faa6467995	refactor core attestation logic (#73 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-28 11:00:03 -07:00
Brian DeHamer	3ff4eb4c69	centralize collection of action inputs (#72 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-24 11:01:44 -07:00
Brian DeHamer	80d9f23382	process subjects in batches (#67 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-22 07:55:00 -07:00
Brian DeHamer	38ff958ab6	downcase subject name for OCI images (#63 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-14 08:11:10 -07:00
Brian DeHamer	b0d8b47eb7	include more detail in error logging (#58 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:34:01 -07:00
Brian DeHamer	d442d85e12	ensure subject globs match only files (#54 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 11:52:03 -07:00
Brian DeHamer	c58d52c41d	limit attestation subject count (#53 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 11:51:42 -07:00
Brian DeHamer	94082a9d2e	add list support for subjectPath input (#51 ) * add list support for subjectPath input Signed-off-by: Brian DeHamer <bdehamer@github.com> * bump package version to 1.1.0 Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 08:32:02 -07:00
Brian DeHamer	a6dded75c9	bump @actions/attest from 1.1.0 to 1.2.1 (#41 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-25 11:03:54 -07:00
Brian DeHamer	3b95763d7e	more test coverage (#18 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-29 17:02:56 -08:00
Brian DeHamer	32049315c5	enable unit tests in CI (#15 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-28 10:45:31 -08:00
Brian DeHamer	525454b125	choose proper sigstore instance when attesting (#11 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-27 16:47:20 -08:00
Brian DeHamer	6e9708eee5	create release attestation in CI test (#9 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-27 16:41:49 -08:00
ejahnGithub	a801b62e6f	fixed ci	2024-02-22 08:14:04 -08:00
ejahnGithub	e3c685d193	init attest action	2024-02-22 07:53:51 -08:00
Brian DeHamer	aaaeb08d4e	Initial commit	2024-02-20 11:22:22 -08:00

34 Commits