@docker/actions-toolkit 0.65.0 → 0.67.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/lib/cache.js +36 -21
  2. package/lib/cache.js.map +1 -1
  3. package/lib/sigstore/sigstore.d.ts +3 -35
  4. package/lib/sigstore/sigstore.js +80 -52
  5. package/lib/sigstore/sigstore.js.map +1 -1
  6. package/lib/types/sigstore/sigstore.d.ts +44 -0
  7. package/lib/types/sigstore/sigstore.js.map +1 -1
  8. package/package.json +3 -5
package/lib/cache.js CHANGED
@@ -87,8 +87,13 @@ class Cache {
87
87
  core.debug(`Cache.save cached to hosted tool cache ${htcPath}`);
88
88
  if (!this.ghaNoCache && cache.isFeatureAvailable()) {
89
89
  if (skipState) {
90
- core.debug(`Cache.save caching ${this.ghaCacheKey} to GitHub Actions cache`);
91
- yield cache.saveCache([this.cacheDir], this.ghaCacheKey);
90
+ try {
91
+ core.debug(`Cache.save caching ${this.ghaCacheKey} to GitHub Actions cache`);
92
+ yield cache.saveCache([this.cacheDir], this.ghaCacheKey);
93
+ }
94
+ catch (e) {
95
+ core.warning(`Failed to save cache: ${e}`);
96
+ }
92
97
  }
93
98
  else {
94
99
  core.debug(`Cache.save sending ${this.ghaCacheKey} to post state`);
@@ -103,25 +108,30 @@ class Cache {
103
108
  }
104
109
  find() {
105
110
  return __awaiter(this, void 0, void 0, function* () {
106
- let htcPath = tc.find(this.opts.htcName, this.opts.htcVersion, this.platform());
107
- if (htcPath) {
108
- core.info(`Restored from hosted tool cache ${htcPath}`);
109
- return this.copyToCache(`${htcPath}/${this.opts.cacheFile}`);
110
- }
111
- if (!this.ghaNoCache && cache.isFeatureAvailable()) {
112
- core.debug(`GitHub Actions cache feature available`);
113
- if (yield cache.restoreCache([this.cacheDir], this.ghaCacheKey)) {
114
- core.info(`Restored ${this.ghaCacheKey} from GitHub Actions cache`);
115
- htcPath = yield tc.cacheDir(this.cacheDir, this.opts.htcName, this.opts.htcVersion, this.platform());
116
- core.info(`Cached to hosted tool cache ${htcPath}`);
111
+ try {
112
+ let htcPath = tc.find(this.opts.htcName, this.opts.htcVersion, this.platform());
113
+ if (htcPath) {
114
+ core.info(`Restored from hosted tool cache ${htcPath}`);
117
115
  return this.copyToCache(`${htcPath}/${this.opts.cacheFile}`);
118
116
  }
117
+ if (!this.ghaNoCache && cache.isFeatureAvailable()) {
118
+ core.debug(`GitHub Actions cache feature available`);
119
+ if (yield cache.restoreCache([this.cacheDir], this.ghaCacheKey)) {
120
+ core.info(`Restored ${this.ghaCacheKey} from GitHub Actions cache`);
121
+ htcPath = yield tc.cacheDir(this.cacheDir, this.opts.htcName, this.opts.htcVersion, this.platform());
122
+ core.info(`Cached to hosted tool cache ${htcPath}`);
123
+ return this.copyToCache(`${htcPath}/${this.opts.cacheFile}`);
124
+ }
125
+ }
126
+ else if (this.ghaNoCache) {
127
+ core.info(`GitHub Actions cache disabled`);
128
+ }
129
+ else {
130
+ core.info(`GitHub Actions cache feature not available`);
131
+ }
119
132
  }
120
- else if (this.ghaNoCache) {
121
- core.info(`GitHub Actions cache disabled`);
122
- }
123
- else {
124
- core.info(`GitHub Actions cache feature not available`);
133
+ catch (e) {
134
+ core.warning(`Failed to restore cache: ${e}`);
125
135
  }
126
136
  return '';
127
137
  });
@@ -143,13 +153,18 @@ class Cache {
143
153
  if (!cacheState.dir || !cacheState.key) {
144
154
  throw new Error(`Invalid cache post state: ${state}`);
145
155
  }
146
- core.info(`Caching ${cacheState.key} to GitHub Actions cache`);
147
- yield cache.saveCache([cacheState.dir], cacheState.key);
156
+ try {
157
+ core.info(`Caching ${cacheState.key} to GitHub Actions cache`);
158
+ yield cache.saveCache([cacheState.dir], cacheState.key);
159
+ }
160
+ catch (e) {
161
+ core.warning(`Failed to save cache: ${e}`);
162
+ }
148
163
  return cacheState;
149
164
  });
150
165
  }
151
166
  copyToCache(file) {
152
- core.debug(`Copying ${file} to ${this.cachePath}`);
167
+ core.info(`Copying ${file} to ${this.cachePath}`);
153
168
  fs_1.default.copyFileSync(file, this.cachePath);
154
169
  return this.cachePath;
155
170
  }
package/lib/cache.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cache.js","sourceRoot":"","sources":["../src/cache.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,4CAAoB;AACpB,4CAAoB;AACpB,gDAAwB;AACxB,oDAAsC;AACtC,wDAA0C;AAC1C,sDAAwC;AACxC,2CAA6B;AAe7B,MAAa,KAAK;IAShB,YAAY,IAAe;QACzB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC;QACvC,IAAI,CAAC,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACzF,IAAI,CAAC,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/D,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,YAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,SAAS,EAAE,IAAI,EAAC,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAEY,IAAI,CAAC,IAAY,EAAE,SAAmB;;YACjD,IAAI,CAAC,KAAK,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;YACjC,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAEzC,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC3G,IAAI,CAAC,KAAK,CAAC,0CAA0C,OAAO,EAAE,CAAC,CAAC;YAEhE,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,kBAAkB,EAAE,EAAE,CAAC;gBACnD,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,WAAW,0BAA0B,CAAC,CAAC;oBAC7E,MAAM,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;gBAC3D,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,WAAW,gBAAgB,CAAC,CAAC;oBACnE,IAAI,CAAC,SAAS,CACZ,KAAK,CAAC,cAAc,EACpB,IAAI,CAAC,SAAS,CAAC;wBACb,GAAG,EAAE,IAAI,CAAC,QAAQ;wBAClB,GAAG,EAAE,IAAI,CAAC,WAAW;qBACJ,CAAC,CACrB,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,IAAI;;YACf,IAAI,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAChF,IAAI,OAAO,EAAE,CAAC;gBACZ,IAAI,CAAC,IAAI,CAAC,mCAAmC,OAAO,EAAE,CAAC,CAAC;gBACxD,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAC/D,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,kBAAkB,EAAE,EAAE,CAAC;gBACnD,IAAI,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;gBACrD,IAAI,MAAM,KAAK,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;oBAChE,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,WAAW,4BAA4B,CAAC,CAAC;oBACpE,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;oBACrG,IAAI,CAAC,IAAI,CAAC,+BAA+B,OAAO,EAAE,CAAC,CAAC;oBACpD,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;gBAC/D,CAAC;YACH,CAAC;iBAAM,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBAC3B,IAAI,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC7C,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;YAC1D,CAAC;YAED,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAEM,MAAM,CAAO,IAAI;;YACtB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;YAClD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACpC,CAAC;YACD,IAAI,UAA0B,CAAC;YAC/B,IAAI,CAAC;gBACH,UAAU,GAAmB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACjD,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;YAC5D,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;YACxD,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,WAAW,UAAU,CAAC,GAAG,0BAA0B,CAAC,CAAC;YAC/D,MAAM,KAAK,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC;YACxD,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAEO,WAAW,CAAC,IAAY;QAC9B,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QACnD,YAAE,CAAC,YAAY,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEO,QAAQ;QACd,8DAA8D;QAC9D,MAAM,WAAW,GAAI,OAAO,CAAC,MAAM,CAAC,SAAiB,CAAC,WAAW,CAAC;QAClE,OAAO,GAAG,YAAE,CAAC,QAAQ,EAAE,IAAI,YAAE,CAAC,IAAI,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,GAAG,GAAG,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAChF,CAAC;;AApGH,sBAqGC;AA9FyB,oBAAc,GAAG,WAAW,CAAC"}
1
+ {"version":3,"file":"cache.js","sourceRoot":"","sources":["../src/cache.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,4CAAoB;AACpB,4CAAoB;AACpB,gDAAwB;AACxB,oDAAsC;AACtC,wDAA0C;AAC1C,sDAAwC;AACxC,2CAA6B;AAe7B,MAAa,KAAK;IAShB,YAAY,IAAe;QACzB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC;QACvC,IAAI,CAAC,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACzF,IAAI,CAAC,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/D,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,YAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,SAAS,EAAE,IAAI,EAAC,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAEY,IAAI,CAAC,IAAY,EAAE,SAAmB;;YACjD,IAAI,CAAC,KAAK,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;YACjC,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAEzC,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC3G,IAAI,CAAC,KAAK,CAAC,0CAA0C,OAAO,EAAE,CAAC,CAAC;YAEhE,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,kBAAkB,EAAE,EAAE,CAAC;gBACnD,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC;wBACH,IAAI,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,WAAW,0BAA0B,CAAC,CAAC;wBAC7E,MAAM,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;oBAC3D,CAAC;oBAAC,OAAO,CAAC,EAAE,CAAC;wBACX,IAAI,CAAC,OAAO,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;oBAC7C,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,WAAW,gBAAgB,CAAC,CAAC;oBACnE,IAAI,CAAC,SAAS,CACZ,KAAK,CAAC,cAAc,EACpB,IAAI,CAAC,SAAS,CAAC;wBACb,GAAG,EAAE,IAAI,CAAC,QAAQ;wBAClB,GAAG,EAAE,IAAI,CAAC,WAAW;qBACJ,CAAC,CACrB,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,IAAI;;YACf,IAAI,CAAC;gBACH,IAAI,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAChF,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC,IAAI,CAAC,mCAAmC,OAAO,EAAE,CAAC,CAAC;oBACxD,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;gBAC/D,CAAC;gBACD,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,kBAAkB,EAAE,EAAE,CAAC;oBACnD,IAAI,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;oBACrD,IAAI,MAAM,KAAK,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;wBAChE,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,WAAW,4BAA4B,CAAC,CAAC;wBACpE,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACrG,IAAI,CAAC,IAAI,CAAC,+BAA+B,OAAO,EAAE,CAAC,CAAC;wBACpD,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;oBAC/D,CAAC;gBACH,CAAC;qBAAM,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBAC3B,IAAI,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;gBAC7C,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,IAAI,CAAC,OAAO,CAAC,4BAA4B,CAAC,EAAE,CAAC,CAAC;YAChD,CAAC;YACD,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAEM,MAAM,CAAO,IAAI;;YACtB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;YAClD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACpC,CAAC;YACD,IAAI,UAA0B,CAAC;YAC/B,IAAI,CAAC;gBACH,UAAU,GAAmB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACjD,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;YAC5D,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;YACxD,CAAC;YACD,IAAI,CAAC;gBACH,IAAI,CAAC,IAAI,CAAC,WAAW,UAAU,CAAC,GAAG,0BAA0B,CAAC,CAAC;gBAC/D,MAAM,KAAK,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,IAAI,CAAC,OAAO,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;YAC7C,CAAC;YACD,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAEO,WAAW,CAAC,IAAY;QAC9B,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAClD,YAAE,CAAC,YAAY,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEO,QAAQ;QACd,8DAA8D;QAC9D,MAAM,WAAW,GAAI,OAAO,CAAC,MAAM,CAAC,SAAiB,CAAC,WAAW,CAAC;QAClE,OAAO,GAAG,YAAE,CAAC,QAAQ,EAAE,IAAI,YAAE,CAAC,IAAI,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,GAAG,GAAG,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAChF,CAAC;;AA9GH,sBA+GC;AAxGyB,oBAAc,GAAG,WAAW,CAAC"}
package/lib/sigstore/sigstore.d.ts CHANGED
@@ -13,42 +13,9 @@
13
13
  * See the License for the specific language governing permissions and
14
14
  * limitations under the License.
15
15
  */
16
- import { Attestation } from '@actions/attest';
17
16
  import { Cosign } from '../cosign/cosign';
18
17
  import { ImageTools } from '../buildx/imagetools';
19
- import { Subject } from '../types/intoto/intoto';
20
- export interface SignAttestationManifestsOpts {
21
- imageName: string;
22
- imageDigest: string;
23
- noTransparencyLog?: boolean;
24
- }
25
- export interface SignAttestationManifestsResult extends Attestation {
26
- imageName: string;
27
- }
28
- export interface VerifySignedManifestsOpts {
29
- certificateIdentityRegexp: string;
30
- retries?: number;
31
- }
32
- export interface VerifySignedManifestsResult {
33
- cosignArgs: Array<string>;
34
- signatureManifestDigest: string;
35
- }
36
- export interface SignProvenanceBlobsOpts {
37
- localExportDir: string;
38
- name?: string;
39
- noTransparencyLog?: boolean;
40
- }
41
- export interface SignProvenanceBlobsResult extends Attestation {
42
- bundlePath: string;
43
- subjects: Array<Subject>;
44
- }
45
- export interface VerifySignedArtifactsOpts {
46
- certificateIdentityRegexp: string;
47
- }
48
- export interface VerifySignedArtifactsResult {
49
- bundlePath: string;
50
- cosignArgs: Array<string>;
51
- }
18
+ import { SignAttestationManifestsOpts, SignAttestationManifestsResult, SignProvenanceBlobsOpts, SignProvenanceBlobsResult, VerifySignedArtifactsOpts, VerifySignedArtifactsResult, VerifySignedManifestsOpts, VerifySignedManifestsResult } from '../types/sigstore/sigstore';
52
19
  export interface SigstoreOpts {
53
20
  cosign?: Cosign;
54
21
  imageTools?: ImageTools;
@@ -65,5 +32,6 @@ export declare class Sigstore {
65
32
  private static noTransparencyLog;
66
33
  private static getProvenanceBlobs;
67
34
  private static getProvenanceSubjects;
68
- private static toAttestation;
35
+ private static signPayload;
36
+ private static parseBundle;
69
37
  }
package/lib/sigstore/sigstore.js CHANGED
@@ -65,8 +65,8 @@ const crypto_1 = require("crypto");
65
65
  const fs_1 = __importDefault(require("fs"));
66
66
  const path_1 = __importDefault(require("path"));
67
67
  const core = __importStar(require("@actions/core"));
68
- const sign_1 = require("@actions/attest/lib/sign");
69
68
  const bundle_1 = require("@sigstore/bundle");
69
+ const sign_1 = require("@sigstore/sign");
70
70
  const cosign_1 = require("../cosign/cosign");
71
71
  const exec_1 = require("../exec");
72
72
  const github_1 = require("../github");
@@ -91,48 +91,50 @@ class Sigstore {
91
91
  const endpoints = this.signingEndpoints(opts.noTransparencyLog);
92
92
  core.info(`Using Sigstore signing endpoint: ${endpoints.fulcioURL}`);
93
93
  const noTransparencyLog = Sigstore.noTransparencyLog(opts.noTransparencyLog);
94
- const attestationDigests = yield this.imageTools.attestationDigests(`${opts.imageName}@${opts.imageDigest}`);
95
- for (const attestationDigest of attestationDigests) {
96
- const attestationRef = `${opts.imageName}@${attestationDigest}`;
97
- yield core.group(`Signing attestation manifest ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
98
- // prettier-ignore
99
- const cosignArgs = [
100
- '--verbose',
101
- 'sign',
102
- '--yes',
103
- '--oidc-provider', 'github-actions',
104
- '--registry-referrers-mode', 'oci-1-1',
105
- '--new-bundle-format',
106
- '--use-signing-config'
107
- ];
108
- if (noTransparencyLog) {
109
- cosignArgs.push('--tlog-upload=false');
110
- }
111
- core.info(`[command]cosign ${[...cosignArgs, attestationRef].join(' ')}`);
112
- const execRes = yield exec_1.Exec.getExecOutput('cosign', [...cosignArgs, attestationRef], {
113
- ignoreReturnCode: true,
114
- silent: true,
115
- env: Object.assign({}, process.env, {
116
- COSIGN_EXPERIMENTAL: '1'
117
- })
118
- });
119
- const signResult = cosign_1.Cosign.parseCommandOutput(execRes.stderr.trim());
120
- if (execRes.exitCode != 0) {
121
- if (signResult.errors && signResult.errors.length > 0) {
122
- const errorMessages = signResult.errors.map(e => `- [${e.code}] ${e.message} : ${e.detail}`).join('\n');
123
- throw new Error(`Cosign sign command failed with errors:\n${errorMessages}`);
94
+ for (const imageName of opts.imageNames) {
95
+ const attestationDigests = yield this.imageTools.attestationDigests(`${imageName}@${opts.imageDigest}`);
96
+ for (const attestationDigest of attestationDigests) {
97
+ const attestationRef = `${imageName}@${attestationDigest}`;
98
+ yield core.group(`Signing attestation manifest ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
99
+ // prettier-ignore
100
+ const cosignArgs = [
101
+ '--verbose',
102
+ 'sign',
103
+ '--yes',
104
+ '--oidc-provider', 'github-actions',
105
+ '--registry-referrers-mode', 'oci-1-1',
106
+ '--new-bundle-format',
107
+ '--use-signing-config'
108
+ ];
109
+ if (noTransparencyLog) {
110
+ cosignArgs.push('--tlog-upload=false');
124
111
  }
125
- else {
126
- throw new Error(`Cosign sign command failed with exit code ${execRes.exitCode}`);
112
+ core.info(`[command]cosign ${[...cosignArgs, attestationRef].join(' ')}`);
113
+ const execRes = yield exec_1.Exec.getExecOutput('cosign', [...cosignArgs, attestationRef], {
114
+ ignoreReturnCode: true,
115
+ silent: true,
116
+ env: Object.assign({}, process.env, {
117
+ COSIGN_EXPERIMENTAL: '1'
118
+ })
119
+ });
120
+ const signResult = cosign_1.Cosign.parseCommandOutput(execRes.stderr.trim());
121
+ if (execRes.exitCode != 0) {
122
+ if (signResult.errors && signResult.errors.length > 0) {
123
+ const errorMessages = signResult.errors.map(e => `- [${e.code}] ${e.message} : ${e.detail}`).join('\n');
124
+ throw new Error(`Cosign sign command failed with errors:\n${errorMessages}`);
125
+ }
126
+ else {
127
+ throw new Error(`Cosign sign command failed with exit code ${execRes.exitCode}`);
128
+ }
127
129
  }
128
- }
129
- const attest = Sigstore.toAttestation((0, bundle_1.bundleFromJSON)(signResult.bundle));
130
- if (attest.tlogID) {
131
- core.info(`Uploaded to Rekor transparency log: ${sigstore_1.SEARCH_URL}?logIndex=${attest.tlogID}`);
132
- }
133
- core.info(`Signature manifest pushed: https://oci.dag.dev/?referrers=${attestationRef}`);
134
- result[attestationRef] = Object.assign(Object.assign({}, attest), { imageName: opts.imageName });
135
- }));
130
+ const parsedBundle = Sigstore.parseBundle((0, bundle_1.bundleFromJSON)(signResult.bundle));
131
+ if (parsedBundle.tlogID) {
132
+ core.info(`Uploaded to Rekor transparency log: ${sigstore_1.SEARCH_URL}?logIndex=${parsedBundle.tlogID}`);
133
+ }
134
+ core.info(`Signature manifest pushed: https://oci.dag.dev/?referrers=${attestationRef}`);
135
+ result[attestationRef] = Object.assign(Object.assign({}, parsedBundle), { imageName: imageName });
136
+ }));
137
+ }
136
138
  }
137
139
  }
138
140
  catch (err) {
@@ -229,24 +231,24 @@ class Sigstore {
229
231
  core.warning(`No subjects found in provenance ${p}, skip signing.`);
230
232
  return;
231
233
  }
232
- const bundle = yield (0, sign_1.signPayload)({
233
- body: blob,
234
+ const bundle = yield Sigstore.signPayload({
235
+ data: blob,
234
236
  type: intoto_1.MEDIATYPE_PAYLOAD
235
237
  }, endpoints);
236
- const attest = Sigstore.toAttestation(bundle);
238
+ const parsedBundle = Sigstore.parseBundle(bundle);
237
239
  core.info(`Provenance blob signed for:`);
238
240
  for (const subject of subjects) {
239
241
  const [digestAlg, digestValue] = Object.entries(subject.digest)[0] || [];
240
242
  core.info(` - ${subject.name} (${digestAlg}:${digestValue})`);
241
243
  }
242
- if (attest.tlogID) {
243
- core.info(`Attestation signature uploaded to Rekor transparency log: ${sigstore_1.SEARCH_URL}?logIndex=${attest.tlogID}`);
244
+ if (parsedBundle.tlogID) {
245
+ core.info(`Attestation signature uploaded to Rekor transparency log: ${sigstore_1.SEARCH_URL}?logIndex=${parsedBundle.tlogID}`);
244
246
  }
245
247
  core.info(`Writing Sigstore bundle to: ${bundlePath}`);
246
- fs_1.default.writeFileSync(bundlePath, JSON.stringify(attest.bundle, null, 2), {
248
+ fs_1.default.writeFileSync(bundlePath, JSON.stringify(parsedBundle.payload, null, 2), {
247
249
  encoding: 'utf-8'
248
250
  });
249
- result[p] = Object.assign(Object.assign({}, attest), { bundlePath: bundlePath, subjects: subjects });
251
+ result[p] = Object.assign(Object.assign({}, parsedBundle), { bundlePath: bundlePath, subjects: subjects });
250
252
  }));
251
253
  }
252
254
  }
@@ -334,8 +336,34 @@ class Sigstore {
334
336
  digest: s.digest
335
337
  }));
336
338
  }
337
- // https://github.com/actions/toolkit/blob/d3ab50471b4ff1d1274dffb90ef9c5d9949b4886/packages/attest/src/attest.ts#L90
338
- static toAttestation(bundle) {
339
+ static signPayload(artifact, endpoints, timeout, retries) {
340
+ return __awaiter(this, void 0, void 0, function* () {
341
+ const witnesses = [];
342
+ const signer = new sign_1.FulcioSigner({
343
+ identityProvider: new sign_1.CIContextProvider('sigstore'),
344
+ fulcioBaseURL: endpoints.fulcioURL,
345
+ timeout: timeout,
346
+ retry: retries
347
+ });
348
+ if (endpoints.rekorURL) {
349
+ witnesses.push(new sign_1.RekorWitness({
350
+ rekorBaseURL: endpoints.rekorURL,
351
+ fetchOnConflict: true,
352
+ timeout: timeout,
353
+ retry: retries
354
+ }));
355
+ }
356
+ if (endpoints.tsaServerURL) {
357
+ witnesses.push(new sign_1.TSAWitness({
358
+ tsaBaseURL: endpoints.tsaServerURL,
359
+ timeout: timeout,
360
+ retry: retries
361
+ }));
362
+ }
363
+ return new sign_1.DSSEBundleBuilder({ signer, witnesses }).create(artifact);
364
+ });
365
+ }
366
+ static parseBundle(bundle) {
339
367
  let certBytes;
340
368
  switch (bundle.verificationMaterial.content.$case) {
341
369
  case 'x509CertificateChain':
@@ -348,11 +376,11 @@ class Sigstore {
348
376
  throw new Error('Bundle must contain an x509 certificate');
349
377
  }
350
378
  const signingCert = new crypto_1.X509Certificate(certBytes);
351
- // Collect transparency log ID if available
379
+ // collect transparency log ID if available
352
380
  const tlogEntries = bundle.verificationMaterial.tlogEntries;
353
381
  const tlogID = tlogEntries.length > 0 ? tlogEntries[0].logIndex : undefined;
354
382
  return {
355
- bundle: (0, bundle_1.bundleToJSON)(bundle),
383
+ payload: (0, bundle_1.bundleToJSON)(bundle),
356
384
  certificate: signingCert.toString(),
357
385
  tlogID: tlogID
358
386
  };
package/lib/sigstore/sigstore.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../src/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAuC;AACvC,4CAAoB;AACpB,gDAAwB;AAGxB,oDAAsC;AACtC,mDAAqD;AACrD,6CAA8D;AAI9D,6CAAwC;AACxC,kCAA6B;AAC7B,sCAAiC;AACjC,qDAAgD;AAEhD,mDAA8F;AAC9F,yDAA4F;AA+C5F,MAAa,QAAQ;IAInB,YAAY,IAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,KAAI,IAAI,eAAM,EAAE,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,KAAI,IAAI,uBAAU,EAAE,CAAC;IACzD,CAAC;IAEY,wBAAwB,CAAC,IAAkC;;YACtE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,MAAM,GAAmD,EAAE,CAAC;YAClE,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBACrE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAE7E,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;gBAC7G,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;oBACnD,MAAM,cAAc,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,iBAAiB,EAAE,CAAC;oBAChE,MAAM,IAAI,CAAC,KAAK,CAAC,gCAAgC,cAAc,EAAE,EAAE,GAAS,EAAE;wBAC5E,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,WAAW;4BACX,MAAM;4BACN,OAAO;4BACP,iBAAiB,EAAE,gBAAgB;4BACnC,2BAA2B,EAAE,SAAS;4BACtC,qBAAqB;4BACrB,sBAAsB;yBACvB,CAAC;wBACF,IAAI,iBAAiB,EAAE,CAAC;4BACtB,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;wBACzC,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;wBAC1E,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;4BAClF,gBAAgB,EAAE,IAAI;4BACtB,MAAM,EAAE,IAAI;4BACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;gCAClC,mBAAmB,EAAE,GAAG;6BACzB,CAEA;yBACF,CAAC,CAAC;wBACH,MAAM,UAAU,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;wBACpE,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BAC1B,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCACtD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCACxG,MAAM,IAAI,KAAK,CAAC,4CAA4C,aAAa,EAAE,CAAC,CAAC;4BAC/E,CAAC;iCAAM,CAAC;gCACN,MAAM,IAAI,KAAK,CAAC,6CAA6C,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;4BACnF,CAAC;wBACH,CAAC;wBACD,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,IAAA,uBAAc,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;wBACzE,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;4BAClB,IAAI,CAAC,IAAI,CAAC,uCAAuC,qBAAU,aAAa,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;wBAC3F,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,6DAA6D,cAAc,EAAE,CAAC,CAAC;wBACzF,MAAM,CAAC,cAAc,CAAC,mCACjB,MAAM,KACT,SAAS,EAAE,IAAI,CAAC,SAAS,GAC1B,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAmD,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9F,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAsD;;;YACxH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,MAAM,OAAO,GAAG,MAAA,IAAI,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,IAAI,SAA4B,CAAC;YACjC,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,CAAC,KAAK,CAAC,0BAA0B,cAAc,EAAE,EAAE,GAAS,EAAE;oBACtE,kBAAkB;oBAClB,MAAM,UAAU,GAAG;wBACjB,WAAW;wBACX,QAAQ;wBACR,sBAAsB;wBACtB,qBAAqB;wBACrB,2BAA2B,EAAE,6CAA6C;wBAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;qBAChE,CAAC;oBACF,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;wBACtB,+DAA+D;wBAC/D,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;oBACvE,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;oBAC1E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;wBACnD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;4BAClF,gBAAgB,EAAE,IAAI;4BACtB,MAAM,EAAE,IAAI;4BACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;gCAClC,mBAAmB,EAAE,GAAG;6BACzB,CAA4B;yBAC9B,CAAC,CAAC;wBACH,MAAM,YAAY,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;wBACtE,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;4BAC3B,MAAM,CAAC,cAAc,CAAC,GAAG;gCACvB,UAAU,EAAE,UAAU;gCACtB,uBAAuB,EAAE,YAAY,CAAC,uBAAwB;6BAC/D,CAAC;4BACF,SAAS,GAAG,SAAS,CAAC;4BACtB,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,CAAC,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;4BACpI,MAAM;wBACR,CAAC;6BAAM,CAAC;4BACN,IAAI,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCAC1D,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCAC1G,SAAS,GAAG,IAAI,KAAK,CAAC,8CAA8C,aAAa,EAAE,CAAC,CAAC;gCACrF,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,CAAC;oCACjE,IAAI,CAAC,IAAI,CAAC,wEAAwE,OAAO,GAAG,CAAC,IAAI,OAAO,QAAQ,aAAa,EAAE,CAAC,CAAC;oCACjI,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;gCACxE,CAAC;qCAAM,CAAC;oCACN,MAAM,SAAS,CAAC;gCAClB,CAAC;4BACH,CAAC;iCAAM,CAAC;gCACN,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;4BACrE,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,SAAS,CAAC;YAClB,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,mBAAmB,CAAC,IAA6B;;YAC5D,MAAM,MAAM,GAA8C,EAAE,CAAC;YAC7D,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBAErE,MAAM,eAAe,GAAG,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1D,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,GAAS,EAAE;;wBAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBAChC,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,cAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAA,IAAI,CAAC,IAAI,mCAAI,YAAY,gBAAgB,CAAC,CAAC;wBAC5F,MAAM,QAAQ,GAAG,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC1B,IAAI,CAAC,OAAO,CAAC,mCAAmC,CAAC,iBAAiB,CAAC,CAAC;4BACpE,OAAO;wBACT,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAW,EAC9B;4BACE,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,0BAAwB;yBAC/B,EACD,SAAS,CACV,CAAC;wBACF,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;wBAC9C,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;wBACzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;4BACzE,IAAI,CAAC,IAAI,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,WAAW,GAAG,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;4BAClB,IAAI,CAAC,IAAI,CAAC,6DAA6D,qBAAU,aAAa,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;wBACjH,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;wBACvD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;4BACnE,QAAQ,EAAE,OAAO;yBAClB,CAAC,CAAC;wBACH,MAAM,CAAC,CAAC,CAAC,mCACJ,MAAM,KACT,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,GACnB,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6CAA8C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACzF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAiD;;YACnH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,OAAO,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,8BAA8B,SAAS,CAAC,UAAU,EAAE,EAAE,GAAS,EAAE;oBAChF,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;wBACzC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,CAAC,IAAI,CAAC,6BAA6B,YAAY,EAAE,CAAC,CAAC;wBACvD,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,yBAAyB;4BACzB,qBAAqB;4BACrB,2BAA2B,EAAE,6CAA6C;4BAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;yBAChE,CAAA;wBACD,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;4BACtB,6FAA6F;4BAC7F,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;wBACvE,CAAC;wBACD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE;4BAClH,gBAAgB,EAAE,IAAI;yBACvB,CAAC,CAAC;wBACH,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BACvD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClC,CAAC;wBACD,MAAM,CAAC,YAAY,CAAC,GAAG;4BACrB,UAAU,EAAE,SAAS,CAAC,UAAU;4BAChC,UAAU,EAAE,UAAU;yBACvB,CAAC;oBACJ,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEO,gBAAgB,CAAC,iBAA2B;QAClD,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,+BAA+B,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvF,OAAO;YACL,SAAS,EAAE,qBAAU;YACrB,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAS;YACnD,YAAY,EAAE,wBAAa;SAC5B,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,iBAAiB,CAAC,iBAA2B;;QAC1D,OAAO,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,MAAA,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,0CAAE,OAAO,CAAC;IACzE,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAAC,IAA6B;QAC7D,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;QAC3E,IAAI,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,EAAC,CAAC,gBAAgB,CAAC,EAAE,YAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAC,CAAC;QACjE,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,EAAE,EAAC,aAAa,EAAE,IAAI,EAAC,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9M,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACjF,MAAM,CAAC,CAAC,CAAC,GAAG,YAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC9E,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAY;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAE3C,CAAC;QACF,OAAO,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;IAED,qHAAqH;IAC7G,MAAM,CAAC,aAAa,CAAC,MAAc;QACzC,IAAI,SAAiB,CAAC;QACtB,QAAQ,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAClD,KAAK,sBAAsB;gBACzB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;gBAC9F,MAAM;YACR,KAAK,aAAa;gBAChB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC;gBACrE,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,wBAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC;QAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,OAAO;YACL,MAAM,EAAE,IAAA,qBAAY,EAAC,MAAM,CAAC;YAC5B,WAAW,EAAE,WAAW,CAAC,QAAQ,EAAE;YACnC,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AAjTD,4BAiTC"}
1
+ {"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../src/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAuC;AACvC,4CAAoB;AACpB,gDAAwB;AAExB,oDAAsC;AACtC,6CAA8D;AAC9D,yCAAuI;AAEvI,6CAAwC;AACxC,kCAA6B;AAC7B,sCAAiC;AACjC,qDAAgD;AAEhD,mDAA8F;AAC9F,yDAeoC;AAOpC,MAAa,QAAQ;IAInB,YAAY,IAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,KAAI,IAAI,eAAM,EAAE,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,KAAI,IAAI,uBAAU,EAAE,CAAC;IACzD,CAAC;IAEY,wBAAwB,CAAC,IAAkC;;YACtE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,MAAM,GAAmD,EAAE,CAAC;YAClE,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBACrE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAE7E,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBACxC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,GAAG,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACxG,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;wBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,gCAAgC,cAAc,EAAE,EAAE,GAAS,EAAE;4BAC5E,kBAAkB;4BAClB,MAAM,UAAU,GAAG;gCACnB,WAAW;gCACX,MAAM;gCACN,OAAO;gCACP,iBAAiB,EAAE,gBAAgB;gCACnC,2BAA2B,EAAE,SAAS;gCACtC,qBAAqB;gCACrB,sBAAsB;6BACvB,CAAC;4BACA,IAAI,iBAAiB,EAAE,CAAC;gCACtB,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;4BACzC,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAC1E,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;gCAClF,gBAAgB,EAAE,IAAI;gCACtB,MAAM,EAAE,IAAI;gCACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;oCAClC,mBAAmB,EAAE,GAAG;iCACzB,CAEA;6BACF,CAAC,CAAC;4BACH,MAAM,UAAU,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;4BACpE,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;gCAC1B,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oCACtD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACxG,MAAM,IAAI,KAAK,CAAC,4CAA4C,aAAa,EAAE,CAAC,CAAC;gCAC/E,CAAC;qCAAM,CAAC;oCACN,MAAM,IAAI,KAAK,CAAC,6CAA6C,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;gCACnF,CAAC;4BACH,CAAC;4BACD,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAA,uBAAc,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;4BAC7E,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gCACxB,IAAI,CAAC,IAAI,CAAC,uCAAuC,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;4BACjG,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,6DAA6D,cAAc,EAAE,CAAC,CAAC;4BACzF,MAAM,CAAC,cAAc,CAAC,mCACjB,YAAY,KACf,SAAS,EAAE,SAAS,GACrB,CAAC;wBACJ,CAAC,CAAA,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAmD,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9F,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAsD;;;YACxH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,MAAM,OAAO,GAAG,MAAA,IAAI,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,IAAI,SAA4B,CAAC;YACjC,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,CAAC,KAAK,CAAC,0BAA0B,cAAc,EAAE,EAAE,GAAS,EAAE;oBACtE,kBAAkB;oBAClB,MAAM,UAAU,GAAG;wBACjB,WAAW;wBACX,QAAQ;wBACR,sBAAsB;wBACtB,qBAAqB;wBACrB,2BAA2B,EAAE,6CAA6C;wBAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;qBAChE,CAAC;oBACF,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;wBACtB,+DAA+D;wBAC/D,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;oBACvE,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;oBAC1E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;wBACnD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;4BAClF,gBAAgB,EAAE,IAAI;4BACtB,MAAM,EAAE,IAAI;4BACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;gCAClC,mBAAmB,EAAE,GAAG;6BACzB,CAA4B;yBAC9B,CAAC,CAAC;wBACH,MAAM,YAAY,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;wBACtE,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;4BAC3B,MAAM,CAAC,cAAc,CAAC,GAAG;gCACvB,UAAU,EAAE,UAAU;gCACtB,uBAAuB,EAAE,YAAY,CAAC,uBAAwB;6BAC/D,CAAC;4BACF,SAAS,GAAG,SAAS,CAAC;4BACtB,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,CAAC,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;4BACpI,MAAM;wBACR,CAAC;6BAAM,CAAC;4BACN,IAAI,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCAC1D,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCAC1G,SAAS,GAAG,IAAI,KAAK,CAAC,8CAA8C,aAAa,EAAE,CAAC,CAAC;gCACrF,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,CAAC;oCACjE,IAAI,CAAC,IAAI,CAAC,wEAAwE,OAAO,GAAG,CAAC,IAAI,OAAO,QAAQ,aAAa,EAAE,CAAC,CAAC;oCACjI,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;gCACxE,CAAC;qCAAM,CAAC;oCACN,MAAM,SAAS,CAAC;gCAClB,CAAC;4BACH,CAAC;iCAAM,CAAC;gCACN,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;4BACrE,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,SAAS,CAAC;YAClB,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,mBAAmB,CAAC,IAA6B;;YAC5D,MAAM,MAAM,GAA8C,EAAE,CAAC;YAC7D,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBAErE,MAAM,eAAe,GAAG,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1D,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,GAAS,EAAE;;wBAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBAChC,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,cAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAA,IAAI,CAAC,IAAI,mCAAI,YAAY,gBAAgB,CAAC,CAAC;wBAC5F,MAAM,QAAQ,GAAG,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC1B,IAAI,CAAC,OAAO,CAAC,mCAAmC,CAAC,iBAAiB,CAAC,CAAC;4BACpE,OAAO;wBACT,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CACvC;4BACE,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,0BAAwB;yBAC/B,EACD,SAAS,CACV,CAAC;wBACF,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;wBAClD,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;wBACzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;4BACzE,IAAI,CAAC,IAAI,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,WAAW,GAAG,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;4BACxB,IAAI,CAAC,IAAI,CAAC,6DAA6D,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;wBACvH,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;wBACvD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;4BAC1E,QAAQ,EAAE,OAAO;yBAClB,CAAC,CAAC;wBACH,MAAM,CAAC,CAAC,CAAC,mCACJ,YAAY,KACf,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,GACnB,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6CAA8C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACzF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAiD;;YACnH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,OAAO,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,8BAA8B,SAAS,CAAC,UAAU,EAAE,EAAE,GAAS,EAAE;oBAChF,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;wBACzC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,CAAC,IAAI,CAAC,6BAA6B,YAAY,EAAE,CAAC,CAAC;wBACvD,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,yBAAyB;4BACzB,qBAAqB;4BACrB,2BAA2B,EAAE,6CAA6C;4BAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;yBAChE,CAAA;wBACD,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;4BACtB,6FAA6F;4BAC7F,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;wBACvE,CAAC;wBACD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE;4BAClH,gBAAgB,EAAE,IAAI;yBACvB,CAAC,CAAC;wBACH,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BACvD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClC,CAAC;wBACD,MAAM,CAAC,YAAY,CAAC,GAAG;4BACrB,UAAU,EAAE,SAAS,CAAC,UAAU;4BAChC,UAAU,EAAE,UAAU;yBACvB,CAAC;oBACJ,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEO,gBAAgB,CAAC,iBAA2B;QAClD,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,+BAA+B,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvF,OAAO;YACL,SAAS,EAAE,qBAAU;YACrB,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAS;YACnD,YAAY,EAAE,wBAAa;SAC5B,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,iBAAiB,CAAC,iBAA2B;;QAC1D,OAAO,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,MAAA,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,0CAAE,OAAO,CAAC;IACzE,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAAC,IAA6B;QAC7D,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;QAC3E,IAAI,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,EAAC,CAAC,gBAAgB,CAAC,EAAE,YAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAC,CAAC;QACjE,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,EAAE,EAAC,aAAa,EAAE,IAAI,EAAC,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9M,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACjF,MAAM,CAAC,CAAC,CAAC,GAAG,YAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC9E,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAY;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAE3C,CAAC;QACF,OAAO,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;IAEO,MAAM,CAAO,WAAW,CAAC,QAAkB,EAAE,SAAoB,EAAE,OAAgB,EAAE,OAAgB;;YAC3G,MAAM,SAAS,GAAc,EAAE,CAAC;YAEhC,MAAM,MAAM,GAAG,IAAI,mBAAY,CAAC;gBAC9B,gBAAgB,EAAE,IAAI,wBAAiB,CAAC,UAAU,CAAC;gBACnD,aAAa,EAAE,SAAS,CAAC,SAAS;gBAClC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACvB,SAAS,CAAC,IAAI,CACZ,IAAI,mBAAY,CAAC;oBACf,YAAY,EAAE,SAAS,CAAC,QAAQ;oBAChC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;gBAC3B,SAAS,CAAC,IAAI,CACZ,IAAI,iBAAU,CAAC;oBACb,UAAU,EAAE,SAAS,CAAC,YAAY;oBAClC,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,wBAAiB,CAAC,EAAC,MAAM,EAAE,SAAS,EAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;KAAA;IAEO,MAAM,CAAC,WAAW,CAAC,MAAc;QACvC,IAAI,SAAiB,CAAC;QACtB,QAAQ,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAClD,KAAK,sBAAsB;gBACzB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;gBAC9F,MAAM;YACR,KAAK,aAAa;gBAChB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC;gBACrE,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,wBAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC;QAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,OAAO;YACL,OAAO,EAAE,IAAA,qBAAY,EAAC,MAAM,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,QAAQ,EAAE;YACnC,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AApVD,4BAoVC"}
package/lib/types/sigstore/sigstore.d.ts CHANGED
@@ -13,7 +13,51 @@
13
13
  * See the License for the specific language governing permissions and
14
14
  * limitations under the License.
15
15
  */
16
+ import type { SerializedBundle } from '@sigstore/bundle';
17
+ import { Subject } from '../intoto/intoto';
16
18
  export declare const FULCIO_URL = "https://fulcio.sigstore.dev";
17
19
  export declare const REKOR_URL = "https://rekor.sigstore.dev";
18
20
  export declare const TSASERVER_URL = "https://timestamp.sigstore.dev";
19
21
  export declare const SEARCH_URL = "https://search.sigstore.dev";
22
+ export interface Endpoints {
23
+ fulcioURL: string;
24
+ rekorURL?: string;
25
+ tsaServerURL?: string;
26
+ }
27
+ export interface ParsedBundle {
28
+ payload: SerializedBundle;
29
+ certificate: string;
30
+ tlogID?: string;
31
+ }
32
+ export interface SignAttestationManifestsOpts {
33
+ imageNames: Array<string>;
34
+ imageDigest: string;
35
+ noTransparencyLog?: boolean;
36
+ }
37
+ export interface SignAttestationManifestsResult extends ParsedBundle {
38
+ imageName: string;
39
+ }
40
+ export interface VerifySignedManifestsOpts {
41
+ certificateIdentityRegexp: string;
42
+ retries?: number;
43
+ }
44
+ export interface VerifySignedManifestsResult {
45
+ cosignArgs: Array<string>;
46
+ signatureManifestDigest: string;
47
+ }
48
+ export interface SignProvenanceBlobsOpts {
49
+ localExportDir: string;
50
+ name?: string;
51
+ noTransparencyLog?: boolean;
52
+ }
53
+ export interface SignProvenanceBlobsResult extends ParsedBundle {
54
+ bundlePath: string;
55
+ subjects: Array<Subject>;
56
+ }
57
+ export interface VerifySignedArtifactsOpts {
58
+ certificateIdentityRegexp: string;
59
+ }
60
+ export interface VerifySignedArtifactsResult {
61
+ bundlePath: string;
62
+ cosignArgs: Array<string>;
63
+ }
package/lib/types/sigstore/sigstore.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../../src/types/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;AAEU,QAAA,UAAU,GAAG,6BAA6B,CAAC;AAC3C,QAAA,SAAS,GAAG,4BAA4B,CAAC;AACzC,QAAA,aAAa,GAAG,gCAAgC,CAAC;AACjD,QAAA,UAAU,GAAG,6BAA6B,CAAC"}
1
+ {"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../../src/types/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;AAMU,QAAA,UAAU,GAAG,6BAA6B,CAAC;AAC3C,QAAA,SAAS,GAAG,4BAA4B,CAAC;AACzC,QAAA,aAAa,GAAG,gCAAgC,CAAC;AACjD,QAAA,UAAU,GAAG,6BAA6B,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@docker/actions-toolkit",
3
- "version": "0.65.0",
3
+ "version": "0.67.0",
4
4
  "description": "Toolkit for Docker (GitHub) Actions",
5
5
  "scripts": {
6
6
  "build": "tsc",
@@ -46,7 +46,6 @@
46
46
  },
47
47
  "dependencies": {
48
48
  "@actions/artifact": "^4.0.0",
49
- "@actions/attest": "^2.0.0",
50
49
  "@actions/cache": "^4.1.0",
51
50
  "@actions/core": "^1.11.1",
52
51
  "@actions/exec": "^1.1.1",
@@ -57,8 +56,8 @@
57
56
  "@azure/storage-blob": "^12.15.0",
58
57
  "@octokit/core": "^5.2.2",
59
58
  "@octokit/plugin-rest-endpoint-methods": "^10.4.1",
60
- "@sigstore/bundle": "^3.1.0",
61
- "@sigstore/sign": "^3.1.0",
59
+ "@sigstore/bundle": "^4.0.0",
60
+ "@sigstore/sign": "^4.0.1",
62
61
  "async-retry": "^1.3.3",
63
62
  "csv-parse": "^6.1.0",
64
63
  "gunzip-maybe": "^1.4.2",
@@ -71,7 +70,6 @@
71
70
  "tmp": "^0.2.5"
72
71
  },
73
72
  "devDependencies": {
74
- "@sigstore/mock": "^0.10.0",
75
73
  "@sigstore/rekor-types": "^3.0.0",
76
74
  "@types/gunzip-maybe": "^1.4.2",
77
75
  "@types/he": "^1.2.3",