@docker/actions-toolkit 0.71.0 → 0.73.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cosign/cosign.js +2 -4
- package/lib/cosign/cosign.js.map +1 -1
- package/lib/git.js +5 -4
- package/lib/git.js.map +1 -1
- package/lib/sigstore/sigstore.d.ts +4 -2
- package/lib/sigstore/sigstore.js +83 -57
- package/lib/sigstore/sigstore.js.map +1 -1
- package/lib/types/sigstore/sigstore.d.ts +2 -0
- package/package.json +11 -11
package/lib/cosign/cosign.js
CHANGED
|
@@ -162,13 +162,11 @@ class Cosign {
|
|
|
162
162
|
if (!bundlePayload && obj && obj.mediaType === bundle_1.BUNDLE_V03_MEDIA_TYPE) {
|
|
163
163
|
bundlePayload = obj;
|
|
164
164
|
}
|
|
165
|
-
if (bundlePayload && signatureManifestDigest) {
|
|
165
|
+
if (bundlePayload && (signatureManifestDigest || signatureManifestFallbackDigest)) {
|
|
166
|
+
errors = undefined; // clear errors if we have both payload and manifest digest
|
|
166
167
|
break;
|
|
167
168
|
}
|
|
168
169
|
}
|
|
169
|
-
if (!errors && !bundlePayload) {
|
|
170
|
-
throw new Error(`Cannot find signature bundle from cosign command output: ${logs}`);
|
|
171
|
-
}
|
|
172
170
|
return {
|
|
173
171
|
bundle: bundlePayload,
|
|
174
172
|
signatureManifestDigest: signatureManifestDigest || signatureManifestFallbackDigest,
|
package/lib/cosign/cosign.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cosign.js","sourceRoot":"","sources":["../../src/cosign/cosign.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AACtC,6CAAyE;AAEzE,kCAA6B;AAC7B,+CAAiC;AACjC,sDAA+D;AAkB/D,MAAa,MAAM;IAKjB,YAAY,IAAiB;QAC3B,IAAI,CAAC,OAAO,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,KAAI,QAAQ,CAAC;QACzC,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC;IAC5B,CAAC;IAEY,WAAW;;YACtB,MAAM,EAAE,GAAY,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,EAAE;gBAC7D,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC;iBACC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACV,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,IAAI,CAAC,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC/D,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,OAAO,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;YAC3B,CAAC,CAAC;iBACD,KAAK,CAAC,KAAK,CAAC,EAAE;gBACb,IAAI,CAAC,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YAEL,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YACxC,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAEY,OAAO;;YAClB,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,QAAQ,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;YACzB,IAAI,CAAC,QAAQ,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBAC5E,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACZ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,UAAU,CAAC;YAClD,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;KAAA;IAEY,YAAY;;YACvB,MAAM,WAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBACnD,YAAY,EAAE,KAAK;aACpB,CAAC,CAAC;QACL,CAAC;KAAA;IAEY,gBAAgB,CAAC,KAAa,EAAE,OAAgB;;YAC3D,MAAM,GAAG,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9C,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,IAAI,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC;YAC/E,IAAI,CAAC,KAAK,CAAC,2BAA2B,GAAG,eAAe,KAAK,KAAK,GAAG,EAAE,CAAC,CAAC;YACzE,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAEM,MAAM,CAAC,kBAAkB,CAAC,IAAY;QAC3C,IAAI,uBAA2C,CAAC;QAChD,IAAI,+BAAmD,CAAC;QACxD,IAAI,aAA2C,CAAC;QAChD,IAAI,MAA6C,CAAC;QAElD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjD,SAAS;YACX,CAAC;YAED,8DAA8D;YAC9D,IAAI,GAAQ,CAAC;YACb,IAAI,CAAC;gBACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;YAAC,WAAM,CAAC;gBACP,SAAS;YACX,CAAC;YAED,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9D,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YACtB,CAAC;YAED,4BAA4B;YAC5B,IAAI,CAAC,uBAAuB,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChG,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,8BAAqB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAChF,uBAAuB,GAAG,EAAE,CAAC,MAAM,CAAC;gBACtC,CAAC;qBAAM,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,mCAAuB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACzF,+BAA+B,GAAG,EAAE,CAAC,MAAM,CAAC;gBAC9C,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,IAAI,CAAC,aAAa,IAAI,GAAG,IAAI,GAAG,CAAC,SAAS,KAAK,8BAAqB,EAAE,CAAC;gBACrE,aAAa,GAAG,GAAuB,CAAC;YAC1C,CAAC;YAED,IAAI,aAAa,IAAI,
|
|
1
|
+
{"version":3,"file":"cosign.js","sourceRoot":"","sources":["../../src/cosign/cosign.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AACtC,6CAAyE;AAEzE,kCAA6B;AAC7B,+CAAiC;AACjC,sDAA+D;AAkB/D,MAAa,MAAM;IAKjB,YAAY,IAAiB;QAC3B,IAAI,CAAC,OAAO,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,KAAI,QAAQ,CAAC;QACzC,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC;IAC5B,CAAC;IAEY,WAAW;;YACtB,MAAM,EAAE,GAAY,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,EAAE;gBAC7D,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC;iBACC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACV,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,IAAI,CAAC,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC/D,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,OAAO,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;YAC3B,CAAC,CAAC;iBACD,KAAK,CAAC,KAAK,CAAC,EAAE;gBACb,IAAI,CAAC,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YAEL,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YACxC,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAEY,OAAO;;YAClB,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,QAAQ,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;YACzB,IAAI,CAAC,QAAQ,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBAC5E,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACZ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,UAAU,CAAC;YAClD,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;KAAA;IAEY,YAAY;;YACvB,MAAM,WAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBACnD,YAAY,EAAE,KAAK;aACpB,CAAC,CAAC;QACL,CAAC;KAAA;IAEY,gBAAgB,CAAC,KAAa,EAAE,OAAgB;;YAC3D,MAAM,GAAG,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9C,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,IAAI,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC;YAC/E,IAAI,CAAC,KAAK,CAAC,2BAA2B,GAAG,eAAe,KAAK,KAAK,GAAG,EAAE,CAAC,CAAC;YACzE,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAEM,MAAM,CAAC,kBAAkB,CAAC,IAAY;QAC3C,IAAI,uBAA2C,CAAC;QAChD,IAAI,+BAAmD,CAAC;QACxD,IAAI,aAA2C,CAAC;QAChD,IAAI,MAA6C,CAAC;QAElD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjD,SAAS;YACX,CAAC;YAED,8DAA8D;YAC9D,IAAI,GAAQ,CAAC;YACb,IAAI,CAAC;gBACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;YAAC,WAAM,CAAC;gBACP,SAAS;YACX,CAAC;YAED,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9D,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YACtB,CAAC;YAED,4BAA4B;YAC5B,IAAI,CAAC,uBAAuB,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChG,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,8BAAqB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAChF,uBAAuB,GAAG,EAAE,CAAC,MAAM,CAAC;gBACtC,CAAC;qBAAM,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,mCAAuB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACzF,+BAA+B,GAAG,EAAE,CAAC,MAAM,CAAC;gBAC9C,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,IAAI,CAAC,aAAa,IAAI,GAAG,IAAI,GAAG,CAAC,SAAS,KAAK,8BAAqB,EAAE,CAAC;gBACrE,aAAa,GAAG,GAAuB,CAAC;YAC1C,CAAC;YAED,IAAI,aAAa,IAAI,CAAC,uBAAuB,IAAI,+BAA+B,CAAC,EAAE,CAAC;gBAClF,MAAM,GAAG,SAAS,CAAC,CAAC,2DAA2D;gBAC/E,MAAM;YACR,CAAC;QACH,CAAC;QAED,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,uBAAuB,EAAE,uBAAuB,IAAI,+BAA+B;YACnF,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AArHD,wBAqHC"}
|
package/lib/git.js
CHANGED
|
@@ -171,15 +171,16 @@ class Git {
|
|
|
171
171
|
return __awaiter(this, void 0, void 0, function* () {
|
|
172
172
|
const res = yield Git.exec(['show', '-s', '--pretty=%D']);
|
|
173
173
|
core.debug(`detached HEAD ref: ${res}`);
|
|
174
|
-
|
|
174
|
+
const normalizedRef = res.replace(/^grafted, /, '').trim();
|
|
175
|
+
if (normalizedRef === 'HEAD') {
|
|
175
176
|
return yield Git.inferRefFromHead();
|
|
176
177
|
}
|
|
177
178
|
// Can be "HEAD, <tagname>" or "grafted, HEAD, <tagname>"
|
|
178
|
-
const refMatch =
|
|
179
|
-
if (!refMatch || !refMatch[
|
|
179
|
+
const refMatch = normalizedRef.match(/^HEAD, (.*)$/);
|
|
180
|
+
if (!refMatch || !refMatch[1]) {
|
|
180
181
|
throw new Error(`Cannot find detached HEAD ref in "${res}"`);
|
|
181
182
|
}
|
|
182
|
-
const ref = refMatch[
|
|
183
|
+
const ref = refMatch[1].trim();
|
|
183
184
|
// Tag refs are formatted as "tag: <tagname>"
|
|
184
185
|
if (ref.startsWith('tag: ')) {
|
|
185
186
|
return `refs/tags/${ref.split(':')[1].trim()}`;
|
package/lib/git.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"git.js","sourceRoot":"","sources":["../src/git.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AACtC,wCAAsC;AACtC,wFAA0E;AAE1E,iCAA4B;AAC5B,qCAAgC;AAChC,yDAAoD;AAIpD,MAAa,GAAG;IACP,MAAM,CAAO,OAAO;;YACzB,MAAM,GAAG,GAAG,IAAI,iBAAO,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,GAAG,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,GAAG,MAAM,GAAG,CAAC,UAAU,EAAE,CAAC;YACjC,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAEM,MAAM,CAAO,gBAAgB;;YAClC,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC;iBAC1D,IAAI,CAAC,GAAG,CAAC,EAAE;gBACV,OAAO,GAAG,KAAK,MAAM,CAAC;YACxB,CAAC,CAAC;iBACD,KAAK,CAAC,GAAG,EAAE;gBACV,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;QACP,CAAC;KAAA;IAEM,MAAM,CAAO,SAAS,CAAC,IAAY,EAAE,GAAW,EAAE,KAAc;;YACrE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;YAC9E,yEAAyE;YACzE,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBACvB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBACtB,MAAM,OAAO,GAAG,IAAI,CAAC,cAAO,CAAC,MAAM,CAAC,kDAAmB,CAAC,CAAC,QAAQ,CAAC;oBAChE,OAAO,EAAE,eAAM,CAAC,MAAM;iBACvB,CAAC,CAAC,CAAC,EAAC,IAAI,EAAE,KAAK,EAAC,CAAC,CAAC;gBACnB,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAChD,IAAI,CAAC;oBACH,OAAO,CACL,MAAM,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;wBACnC,KAAK,EAAE,KAAK;wBACZ,IAAI,EAAE,QAAQ;wBACd,GAAG,EAAE,GAAG;wBACR,QAAQ,EAAE,CAAC;qBACZ,CAAC,CACH,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBAChB,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,IAAI,GAAG,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7E,CAAC;YACH,CAAC;YACD,0CAA0C;YAC1C,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACzD,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBACnC,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACrB,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC;gBAC/D,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEM,MAAM,CAAO,SAAS;;YAC3B,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACjE,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACrB,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;wBAC7D,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;4BACrB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;wBACnE,CAAC;wBACD,OAAO,IAAI,CAAC;oBACd,CAAC,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEM,MAAM,CAAO,GAAG;;YACrB,MAAM,cAAc,GAAG,MAAM,GAAG,CAAC,cAAc,EAAE,CAAC;YAClD,IAAI,cAAc,EAAE,CAAC;gBACnB,OAAO,MAAM,GAAG,CAAC,cAAc,EAAE,CAAC;YACpC,CAAC;YAED,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAClD,CAAC;KAAA;IAEM,MAAM,CAAO,UAAU;;YAC5B,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;IAEM,MAAM,CAAO,WAAW;;YAC7B,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;IAEM,MAAM,CAAO,GAAG;;YACrB,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,sBAAsB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAClG,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACrB,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;gBACxD,CAAC;gBACD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7B,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEO,MAAM,CAAO,cAAc;;YACjC,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAC7D,OAAO,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC;YACzB,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEO,MAAM,CAAO,cAAc;;YACjC,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;YAC1D,IAAI,CAAC,KAAK,CAAC,sBAAsB,GAAG,EAAE,CAAC,CAAC;YAExC,
|
|
1
|
+
{"version":3,"file":"git.js","sourceRoot":"","sources":["../src/git.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AACtC,wCAAsC;AACtC,wFAA0E;AAE1E,iCAA4B;AAC5B,qCAAgC;AAChC,yDAAoD;AAIpD,MAAa,GAAG;IACP,MAAM,CAAO,OAAO;;YACzB,MAAM,GAAG,GAAG,IAAI,iBAAO,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,GAAG,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,GAAG,MAAM,GAAG,CAAC,UAAU,EAAE,CAAC;YACjC,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAEM,MAAM,CAAO,gBAAgB;;YAClC,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC;iBAC1D,IAAI,CAAC,GAAG,CAAC,EAAE;gBACV,OAAO,GAAG,KAAK,MAAM,CAAC;YACxB,CAAC,CAAC;iBACD,KAAK,CAAC,GAAG,EAAE;gBACV,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;QACP,CAAC;KAAA;IAEM,MAAM,CAAO,SAAS,CAAC,IAAY,EAAE,GAAW,EAAE,KAAc;;YACrE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;YAC9E,yEAAyE;YACzE,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBACvB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBACtB,MAAM,OAAO,GAAG,IAAI,CAAC,cAAO,CAAC,MAAM,CAAC,kDAAmB,CAAC,CAAC,QAAQ,CAAC;oBAChE,OAAO,EAAE,eAAM,CAAC,MAAM;iBACvB,CAAC,CAAC,CAAC,EAAC,IAAI,EAAE,KAAK,EAAC,CAAC,CAAC;gBACnB,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAChD,IAAI,CAAC;oBACH,OAAO,CACL,MAAM,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;wBACnC,KAAK,EAAE,KAAK;wBACZ,IAAI,EAAE,QAAQ;wBACd,GAAG,EAAE,GAAG;wBACR,QAAQ,EAAE,CAAC;qBACZ,CAAC,CACH,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBAChB,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,IAAI,GAAG,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7E,CAAC;YACH,CAAC;YACD,0CAA0C;YAC1C,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACzD,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBACnC,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACrB,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC;gBAC/D,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEM,MAAM,CAAO,SAAS;;YAC3B,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACjE,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACrB,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;wBAC7D,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;4BACrB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;wBACnE,CAAC;wBACD,OAAO,IAAI,CAAC;oBACd,CAAC,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEM,MAAM,CAAO,GAAG;;YACrB,MAAM,cAAc,GAAG,MAAM,GAAG,CAAC,cAAc,EAAE,CAAC;YAClD,IAAI,cAAc,EAAE,CAAC;gBACnB,OAAO,MAAM,GAAG,CAAC,cAAc,EAAE,CAAC;YACpC,CAAC;YAED,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAClD,CAAC;KAAA;IAEM,MAAM,CAAO,UAAU;;YAC5B,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;IAEM,MAAM,CAAO,WAAW;;YAC7B,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;IAEM,MAAM,CAAO,GAAG;;YACrB,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,sBAAsB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAClG,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACrB,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;gBACxD,CAAC;gBACD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7B,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEO,MAAM,CAAO,cAAc;;YACjC,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAC7D,OAAO,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC;YACzB,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEO,MAAM,CAAO,cAAc;;YACjC,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;YAC1D,IAAI,CAAC,KAAK,CAAC,sBAAsB,GAAG,EAAE,CAAC,CAAC;YAExC,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YAE3D,IAAI,aAAa,KAAK,MAAM,EAAE,CAAC;gBAC7B,OAAO,MAAM,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACtC,CAAC;YAED,yDAAyD;YACzD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;YAErD,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,GAAG,CAAC,CAAC;YAC/D,CAAC;YAED,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAE/B,6CAA6C;YAC7C,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,OAAO,aAAa,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACjD,CAAC;YAED,mEAAmE;YACnE,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YACvD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,QAAQ,GAAG,EAAE,CAAC;YACvB,CAAC;YAED,0EAA0E;YAC1E,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;YACtD,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,cAAc,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YAC/C,CAAC;YAED,yFAAyF;YACzF,MAAM,cAAc,GAAG,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAClD,IAAI,cAAc,EAAE,CAAC;gBACnB,OAAO,cAAc,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YAClD,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,GAAG,CAAC,CAAC;QAC/D,CAAC;KAAA;IAEO,MAAM,CAAO,IAAI;6DAAC,OAAiB,EAAE;YAC3C,OAAO,MAAM,WAAI,CAAC,aAAa,CAAC,KAAK,EAAE,IAAI,EAAE;gBAC3C,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACZ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC9B,CAAC;gBACD,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YAC3B,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;IAEO,MAAM,CAAO,gBAAgB;;YACnC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAAC;YAC5D,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,QAAQ,CAAC;YAClB,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,iBAAiB,CAAC,eAAe,CAAC,CAAC;YAC/D,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBACpE,IAAI,WAAW,EAAE,CAAC;oBAChB,OAAO,cAAc,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBACxC,CAAC;gBACD,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC;YAC7D,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM;iBACtB,KAAK,CAAC,IAAI,CAAC;iBACX,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;iBACtB,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACjC,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,aAAa,QAAQ,EAAE,CAAC;YACjC,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,CAAC;KAAA;IAEO,MAAM,CAAO,iBAAiB,CAAC,KAAa;;YAClD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,qBAAqB,EAAE,YAAY,EAAE,MAAM,EAAE,uBAAuB,EAAE,KAAK,CAAC,CAAC,CAAC;YAE3H,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI;iBACjB,KAAK,CAAC,IAAI,CAAC;iBACX,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;iBAClB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC7B,OAAO,KAAK,CAAC;QACf,CAAC;KAAA;IAEM,MAAM,CAAO,UAAU,CAAC,GAAW;;YACxC,OAAO,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACzE,CAAC;KAAA;CACF;AAjMD,kBAiMC"}
|
|
@@ -25,9 +25,11 @@ export declare class Sigstore {
|
|
|
25
25
|
private readonly imageTools;
|
|
26
26
|
constructor(opts?: SigstoreOpts);
|
|
27
27
|
signAttestationManifests(opts: SignAttestationManifestsOpts): Promise<Record<string, SignAttestationManifestsResult>>;
|
|
28
|
-
verifySignedManifests(
|
|
28
|
+
verifySignedManifests(signedManifestsResult: Record<string, SignAttestationManifestsResult>, opts: VerifySignedManifestsOpts): Promise<Record<string, VerifySignedManifestsResult>>;
|
|
29
|
+
verifyImageAttestations(image: string, opts: VerifySignedManifestsOpts): Promise<Record<string, VerifySignedManifestsResult>>;
|
|
30
|
+
verifyImageAttestation(attestationRef: string, opts: VerifySignedManifestsOpts): Promise<VerifySignedManifestsResult>;
|
|
29
31
|
signProvenanceBlobs(opts: SignProvenanceBlobsOpts): Promise<Record<string, SignProvenanceBlobsResult>>;
|
|
30
|
-
verifySignedArtifacts(
|
|
32
|
+
verifySignedArtifacts(signedArtifactsResult: Record<string, SignProvenanceBlobsResult>, opts: VerifySignedArtifactsOpts): Promise<Record<string, VerifySignedArtifactsResult>>;
|
|
31
33
|
private signingEndpoints;
|
|
32
34
|
private static noTransparencyLog;
|
|
33
35
|
private static getProvenanceBlobs;
|
package/lib/sigstore/sigstore.js
CHANGED
|
@@ -96,6 +96,7 @@ class Sigstore {
|
|
|
96
96
|
for (const attestationDigest of attestationDigests) {
|
|
97
97
|
const attestationRef = `${imageName}@${attestationDigest}`;
|
|
98
98
|
yield core.group(`Signing attestation manifest ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
|
|
99
|
+
var _a;
|
|
99
100
|
// prettier-ignore
|
|
100
101
|
const cosignArgs = [
|
|
101
102
|
'sign',
|
|
@@ -123,7 +124,8 @@ class Sigstore {
|
|
|
123
124
|
throw new Error(`Cosign sign command failed with errors:\n${errorMessages}`);
|
|
124
125
|
}
|
|
125
126
|
else {
|
|
126
|
-
|
|
127
|
+
// prettier-ignore
|
|
128
|
+
throw new Error(`Cosign sign command failed with: ${(_a = execRes.stderr.trim().split(/\r?\n/).filter(line => line.length > 0).pop()) !== null && _a !== void 0 ? _a : 'unknown error'}`);
|
|
127
129
|
}
|
|
128
130
|
}
|
|
129
131
|
const parsedBundle = Sigstore.parseBundle((0, bundle_1.bundleFromJSON)(signResult.bundle));
|
|
@@ -142,71 +144,95 @@ class Sigstore {
|
|
|
142
144
|
return result;
|
|
143
145
|
});
|
|
144
146
|
}
|
|
145
|
-
verifySignedManifests(
|
|
147
|
+
verifySignedManifests(signedManifestsResult, opts) {
|
|
146
148
|
return __awaiter(this, void 0, void 0, function* () {
|
|
147
|
-
var _a;
|
|
148
149
|
const result = {};
|
|
150
|
+
for (const [attestationRef, signedRes] of Object.entries(signedManifestsResult)) {
|
|
151
|
+
yield core.group(`Verifying signature of ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
|
|
152
|
+
const verifyResult = yield this.verifyImageAttestation(attestationRef, {
|
|
153
|
+
noTransparencyLog: opts.noTransparencyLog || !signedRes.tlogID,
|
|
154
|
+
certificateIdentityRegexp: opts.certificateIdentityRegexp,
|
|
155
|
+
retries: opts.retries
|
|
156
|
+
});
|
|
157
|
+
core.info(`Signature manifest verified: https://oci.dag.dev/?image=${signedRes.imageName}@${verifyResult.signatureManifestDigest}`);
|
|
158
|
+
result[attestationRef] = verifyResult;
|
|
159
|
+
}));
|
|
160
|
+
}
|
|
161
|
+
return result;
|
|
162
|
+
});
|
|
163
|
+
}
|
|
164
|
+
verifyImageAttestations(image, opts) {
|
|
165
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
166
|
+
const result = {};
|
|
167
|
+
const attestationDigests = yield this.imageTools.attestationDigests(image);
|
|
168
|
+
if (attestationDigests.length === 0) {
|
|
169
|
+
throw new Error(`No attestation manifests found for ${image}`);
|
|
170
|
+
}
|
|
171
|
+
const imageName = image.split(':', 1)[0];
|
|
172
|
+
for (const attestationDigest of attestationDigests) {
|
|
173
|
+
const attestationRef = `${imageName}@${attestationDigest}`;
|
|
174
|
+
const verifyResult = yield this.verifyImageAttestation(attestationRef, opts);
|
|
175
|
+
core.info(`Signature manifest verified: https://oci.dag.dev/?image=${imageName}@${verifyResult.signatureManifestDigest}`);
|
|
176
|
+
result[attestationRef] = verifyResult;
|
|
177
|
+
}
|
|
178
|
+
return result;
|
|
179
|
+
});
|
|
180
|
+
}
|
|
181
|
+
verifyImageAttestation(attestationRef, opts) {
|
|
182
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
183
|
+
var _a, _b;
|
|
149
184
|
const retries = (_a = opts.retries) !== null && _a !== void 0 ? _a : 15;
|
|
150
185
|
if (!(yield this.cosign.isAvailable())) {
|
|
151
186
|
throw new Error('Cosign is required to verify signed manifests');
|
|
152
187
|
}
|
|
188
|
+
// prettier-ignore
|
|
189
|
+
const cosignArgs = [
|
|
190
|
+
'verify',
|
|
191
|
+
'--experimental-oci11',
|
|
192
|
+
'--new-bundle-format',
|
|
193
|
+
'--certificate-oidc-issuer', 'https://token.actions.githubusercontent.com',
|
|
194
|
+
'--certificate-identity-regexp', opts.certificateIdentityRegexp
|
|
195
|
+
];
|
|
196
|
+
if (opts.noTransparencyLog) {
|
|
197
|
+
// skip tlog verification but still verify the signed timestamp
|
|
198
|
+
cosignArgs.push('--use-signed-timestamps', '--insecure-ignore-tlog');
|
|
199
|
+
}
|
|
153
200
|
let lastError;
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
'
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
cosignArgs
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
})
|
|
176
|
-
|
|
177
|
-
const verifyResult = cosign_1.Cosign.parseCommandOutput(execRes.stderr.trim());
|
|
178
|
-
if (execRes.exitCode === 0) {
|
|
179
|
-
result[attestationRef] = {
|
|
180
|
-
cosignArgs: cosignArgs,
|
|
181
|
-
signatureManifestDigest: verifyResult.signatureManifestDigest
|
|
182
|
-
};
|
|
183
|
-
lastError = undefined;
|
|
184
|
-
core.info(`Signature manifest verified: https://oci.dag.dev/?image=${signedRes.imageName}@${verifyResult.signatureManifestDigest}`);
|
|
185
|
-
break;
|
|
201
|
+
core.info(`[command]cosign ${[...cosignArgs, attestationRef].join(' ')}`);
|
|
202
|
+
for (let attempt = 0; attempt < retries; attempt++) {
|
|
203
|
+
const execRes = yield exec_1.Exec.getExecOutput('cosign', ['--verbose', ...cosignArgs, attestationRef], {
|
|
204
|
+
ignoreReturnCode: true,
|
|
205
|
+
silent: true,
|
|
206
|
+
env: Object.assign({}, process.env, {
|
|
207
|
+
COSIGN_EXPERIMENTAL: '1'
|
|
208
|
+
})
|
|
209
|
+
});
|
|
210
|
+
const verifyResult = cosign_1.Cosign.parseCommandOutput(execRes.stderr.trim());
|
|
211
|
+
if (execRes.exitCode === 0) {
|
|
212
|
+
return {
|
|
213
|
+
cosignArgs: cosignArgs,
|
|
214
|
+
signatureManifestDigest: verifyResult.signatureManifestDigest
|
|
215
|
+
};
|
|
216
|
+
}
|
|
217
|
+
else {
|
|
218
|
+
if (verifyResult.errors && verifyResult.errors.length > 0) {
|
|
219
|
+
const errorMessages = verifyResult.errors.map(e => `- [${e.code}] ${e.message} : ${e.detail}`).join('\n');
|
|
220
|
+
lastError = new Error(`Cosign verify command failed with errors:\n${errorMessages}`);
|
|
221
|
+
if (verifyResult.errors.some(e => e.code === 'MANIFEST_UNKNOWN')) {
|
|
222
|
+
core.info(`Cosign verify command failed with MANIFEST_UNKNOWN, retrying attempt ${attempt + 1}/${retries}...\n${errorMessages}`);
|
|
223
|
+
yield new Promise(res => setTimeout(res, Math.pow(2, attempt) * 100));
|
|
186
224
|
}
|
|
187
225
|
else {
|
|
188
|
-
|
|
189
|
-
const errorMessages = verifyResult.errors.map(e => `- [${e.code}] ${e.message} : ${e.detail}`).join('\n');
|
|
190
|
-
lastError = new Error(`Cosign verify command failed with errors:\n${errorMessages}`);
|
|
191
|
-
if (verifyResult.errors.some(e => e.code === 'MANIFEST_UNKNOWN')) {
|
|
192
|
-
core.info(`Cosign verify command failed with MANIFEST_UNKNOWN, retrying attempt ${attempt + 1}/${retries}...\n${errorMessages}`);
|
|
193
|
-
yield new Promise(res => setTimeout(res, Math.pow(2, attempt) * 100));
|
|
194
|
-
}
|
|
195
|
-
else {
|
|
196
|
-
throw lastError;
|
|
197
|
-
}
|
|
198
|
-
}
|
|
199
|
-
else {
|
|
200
|
-
throw new Error(`Cosign verify command failed: ${execRes.stderr}`);
|
|
201
|
-
}
|
|
226
|
+
throw lastError;
|
|
202
227
|
}
|
|
203
228
|
}
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
229
|
+
else {
|
|
230
|
+
// prettier-ignore
|
|
231
|
+
throw new Error(`Cosign verify command failed with: ${(_b = execRes.stderr.trim().split(/\r?\n/).filter(line => line.length > 0).pop()) !== null && _b !== void 0 ? _b : 'unknown error'}`);
|
|
232
|
+
}
|
|
233
|
+
}
|
|
208
234
|
}
|
|
209
|
-
|
|
235
|
+
throw lastError;
|
|
210
236
|
});
|
|
211
237
|
}
|
|
212
238
|
signProvenanceBlobs(opts) {
|
|
@@ -256,13 +282,13 @@ class Sigstore {
|
|
|
256
282
|
return result;
|
|
257
283
|
});
|
|
258
284
|
}
|
|
259
|
-
verifySignedArtifacts(
|
|
285
|
+
verifySignedArtifacts(signedArtifactsResult, opts) {
|
|
260
286
|
return __awaiter(this, void 0, void 0, function* () {
|
|
261
287
|
const result = {};
|
|
262
288
|
if (!(yield this.cosign.isAvailable())) {
|
|
263
289
|
throw new Error('Cosign is required to verify signed artifacts');
|
|
264
290
|
}
|
|
265
|
-
for (const [provenancePath, signedRes] of Object.entries(
|
|
291
|
+
for (const [provenancePath, signedRes] of Object.entries(signedArtifactsResult)) {
|
|
266
292
|
const baseDir = path_1.default.dirname(provenancePath);
|
|
267
293
|
yield core.group(`Verifying signature bundle ${signedRes.bundlePath}`, () => __awaiter(this, void 0, void 0, function* () {
|
|
268
294
|
for (const subject of signedRes.subjects) {
|
|
@@ -275,7 +301,7 @@ class Sigstore {
|
|
|
275
301
|
'--certificate-oidc-issuer', 'https://token.actions.githubusercontent.com',
|
|
276
302
|
'--certificate-identity-regexp', opts.certificateIdentityRegexp
|
|
277
303
|
];
|
|
278
|
-
if (!signedRes.tlogID) {
|
|
304
|
+
if (opts.noTransparencyLog || !signedRes.tlogID) {
|
|
279
305
|
// if there is no tlog entry, we skip tlog verification but still verify the signed timestamp
|
|
280
306
|
cosignArgs.push('--use-signed-timestamps', '--insecure-ignore-tlog');
|
|
281
307
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../src/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAuC;AACvC,4CAAoB;AACpB,gDAAwB;AAExB,oDAAsC;AACtC,6CAA8D;AAC9D,yCAAuI;AAEvI,6CAAwC;AACxC,kCAA6B;AAC7B,sCAAiC;AACjC,qDAAgD;AAEhD,mDAA8F;AAC9F,yDAeoC;AAOpC,MAAa,QAAQ;IAInB,YAAY,IAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,KAAI,IAAI,eAAM,EAAE,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,KAAI,IAAI,uBAAU,EAAE,CAAC;IACzD,CAAC;IAEY,wBAAwB,CAAC,IAAkC;;YACtE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,MAAM,GAAmD,EAAE,CAAC;YAClE,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBACrE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAE7E,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBACxC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,GAAG,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACxG,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;wBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,gCAAgC,cAAc,EAAE,EAAE,GAAS,EAAE;4BAC5E,kBAAkB;4BAClB,MAAM,UAAU,GAAG;gCACnB,MAAM;gCACN,OAAO;gCACP,iBAAiB,EAAE,gBAAgB;gCACnC,2BAA2B,EAAE,SAAS;gCACtC,qBAAqB;gCACrB,sBAAsB;6BACvB,CAAC;4BACA,IAAI,iBAAiB,EAAE,CAAC;gCACtB,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;4BACzC,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAC1E,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;gCAC/F,gBAAgB,EAAE,IAAI;gCACtB,MAAM,EAAE,IAAI;gCACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;oCAClC,mBAAmB,EAAE,GAAG;iCACzB,CAEA;6BACF,CAAC,CAAC;4BACH,MAAM,UAAU,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;4BACpE,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;gCAC1B,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oCACtD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACxG,MAAM,IAAI,KAAK,CAAC,4CAA4C,aAAa,EAAE,CAAC,CAAC;gCAC/E,CAAC;qCAAM,CAAC;oCACN,MAAM,IAAI,KAAK,CAAC,6CAA6C,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;gCACnF,CAAC;4BACH,CAAC;4BACD,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAA,uBAAc,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;4BAC7E,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gCACxB,IAAI,CAAC,IAAI,CAAC,uCAAuC,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;4BACjG,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,6DAA6D,cAAc,EAAE,CAAC,CAAC;4BACzF,MAAM,CAAC,cAAc,CAAC,mCACjB,YAAY,KACf,SAAS,EAAE,SAAS,GACrB,CAAC;wBACJ,CAAC,CAAA,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAmD,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9F,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAsD;;;YACxH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,MAAM,OAAO,GAAG,MAAA,IAAI,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,IAAI,SAA4B,CAAC;YACjC,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,CAAC,KAAK,CAAC,0BAA0B,cAAc,EAAE,EAAE,GAAS,EAAE;oBACtE,kBAAkB;oBAClB,MAAM,UAAU,GAAG;wBACjB,QAAQ;wBACR,sBAAsB;wBACtB,qBAAqB;wBACrB,2BAA2B,EAAE,6CAA6C;wBAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;qBAChE,CAAC;oBACF,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;wBACtB,+DAA+D;wBAC/D,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;oBACvE,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;oBAC1E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;wBACnD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;4BAC/F,gBAAgB,EAAE,IAAI;4BACtB,MAAM,EAAE,IAAI;4BACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;gCAClC,mBAAmB,EAAE,GAAG;6BACzB,CAA4B;yBAC9B,CAAC,CAAC;wBACH,MAAM,YAAY,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;wBACtE,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;4BAC3B,MAAM,CAAC,cAAc,CAAC,GAAG;gCACvB,UAAU,EAAE,UAAU;gCACtB,uBAAuB,EAAE,YAAY,CAAC,uBAAwB;6BAC/D,CAAC;4BACF,SAAS,GAAG,SAAS,CAAC;4BACtB,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,CAAC,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;4BACpI,MAAM;wBACR,CAAC;6BAAM,CAAC;4BACN,IAAI,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCAC1D,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCAC1G,SAAS,GAAG,IAAI,KAAK,CAAC,8CAA8C,aAAa,EAAE,CAAC,CAAC;gCACrF,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,CAAC;oCACjE,IAAI,CAAC,IAAI,CAAC,wEAAwE,OAAO,GAAG,CAAC,IAAI,OAAO,QAAQ,aAAa,EAAE,CAAC,CAAC;oCACjI,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;gCACxE,CAAC;qCAAM,CAAC;oCACN,MAAM,SAAS,CAAC;gCAClB,CAAC;4BACH,CAAC;iCAAM,CAAC;gCACN,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;4BACrE,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,SAAS,CAAC;YAClB,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,mBAAmB,CAAC,IAA6B;;YAC5D,MAAM,MAAM,GAA8C,EAAE,CAAC;YAC7D,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBAErE,MAAM,eAAe,GAAG,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1D,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,GAAS,EAAE;;wBAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBAChC,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,cAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAA,IAAI,CAAC,IAAI,mCAAI,YAAY,gBAAgB,CAAC,CAAC;wBAC5F,MAAM,QAAQ,GAAG,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC1B,IAAI,CAAC,OAAO,CAAC,mCAAmC,CAAC,iBAAiB,CAAC,CAAC;4BACpE,OAAO;wBACT,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CACvC;4BACE,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,0BAAwB;yBAC/B,EACD,SAAS,CACV,CAAC;wBACF,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;wBAClD,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;wBACzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;4BACzE,IAAI,CAAC,IAAI,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,WAAW,GAAG,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;4BACxB,IAAI,CAAC,IAAI,CAAC,6DAA6D,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;wBACvH,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;wBACvD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;4BAC1E,QAAQ,EAAE,OAAO;yBAClB,CAAC,CAAC;wBACH,MAAM,CAAC,CAAC,CAAC,mCACJ,YAAY,KACf,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,GACnB,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6CAA8C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACzF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAiD;;YACnH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,OAAO,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,8BAA8B,SAAS,CAAC,UAAU,EAAE,EAAE,GAAS,EAAE;oBAChF,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;wBACzC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,CAAC,IAAI,CAAC,6BAA6B,YAAY,EAAE,CAAC,CAAC;wBACvD,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,yBAAyB;4BACzB,qBAAqB;4BACrB,2BAA2B,EAAE,6CAA6C;4BAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;yBAChE,CAAA;wBACD,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;4BACtB,6FAA6F;4BAC7F,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;wBACvE,CAAC;wBACD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE;4BAClH,gBAAgB,EAAE,IAAI;yBACvB,CAAC,CAAC;wBACH,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BACvD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClC,CAAC;wBACD,MAAM,CAAC,YAAY,CAAC,GAAG;4BACrB,UAAU,EAAE,SAAS,CAAC,UAAU;4BAChC,UAAU,EAAE,UAAU;yBACvB,CAAC;oBACJ,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEO,gBAAgB,CAAC,iBAA2B;QAClD,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,+BAA+B,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvF,OAAO;YACL,SAAS,EAAE,qBAAU;YACrB,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAS;YACnD,YAAY,EAAE,wBAAa;SAC5B,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,iBAAiB,CAAC,iBAA2B;;QAC1D,OAAO,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,MAAA,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,0CAAE,OAAO,CAAC;IACzE,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAAC,IAA6B;QAC7D,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;QAC3E,IAAI,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,EAAC,CAAC,gBAAgB,CAAC,EAAE,YAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAC,CAAC;QACjE,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,EAAE,EAAC,aAAa,EAAE,IAAI,EAAC,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9M,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACjF,MAAM,CAAC,CAAC,CAAC,GAAG,YAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC9E,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAY;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAE3C,CAAC;QACF,OAAO,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;IAEO,MAAM,CAAO,WAAW,CAAC,QAAkB,EAAE,SAAoB,EAAE,OAAgB,EAAE,OAAgB;;YAC3G,MAAM,SAAS,GAAc,EAAE,CAAC;YAEhC,MAAM,MAAM,GAAG,IAAI,mBAAY,CAAC;gBAC9B,gBAAgB,EAAE,IAAI,wBAAiB,CAAC,UAAU,CAAC;gBACnD,aAAa,EAAE,SAAS,CAAC,SAAS;gBAClC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACvB,SAAS,CAAC,IAAI,CACZ,IAAI,mBAAY,CAAC;oBACf,YAAY,EAAE,SAAS,CAAC,QAAQ;oBAChC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;gBAC3B,SAAS,CAAC,IAAI,CACZ,IAAI,iBAAU,CAAC;oBACb,UAAU,EAAE,SAAS,CAAC,YAAY;oBAClC,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,wBAAiB,CAAC,EAAC,MAAM,EAAE,SAAS,EAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;KAAA;IAEO,MAAM,CAAC,WAAW,CAAC,MAAc;QACvC,IAAI,SAAiB,CAAC;QACtB,QAAQ,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAClD,KAAK,sBAAsB;gBACzB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;gBAC9F,MAAM;YACR,KAAK,aAAa;gBAChB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC;gBACrE,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,wBAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC;QAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,OAAO;YACL,OAAO,EAAE,IAAA,qBAAY,EAAC,MAAM,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,QAAQ,EAAE;YACnC,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AAlVD,4BAkVC"}
|
|
1
|
+
{"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../src/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAuC;AACvC,4CAAoB;AACpB,gDAAwB;AAExB,oDAAsC;AACtC,6CAA8D;AAC9D,yCAAuI;AAEvI,6CAAwC;AACxC,kCAA6B;AAC7B,sCAAiC;AACjC,qDAAgD;AAEhD,mDAA8F;AAC9F,yDAeoC;AAOpC,MAAa,QAAQ;IAInB,YAAY,IAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,KAAI,IAAI,eAAM,EAAE,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,KAAI,IAAI,uBAAU,EAAE,CAAC;IACzD,CAAC;IAEY,wBAAwB,CAAC,IAAkC;;YACtE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,MAAM,GAAmD,EAAE,CAAC;YAClE,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBACrE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAE7E,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBACxC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,GAAG,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACxG,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;wBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,gCAAgC,cAAc,EAAE,EAAE,GAAS,EAAE;;4BAC5E,kBAAkB;4BAClB,MAAM,UAAU,GAAG;gCACjB,MAAM;gCACN,OAAO;gCACP,iBAAiB,EAAE,gBAAgB;gCACnC,2BAA2B,EAAE,SAAS;gCACtC,qBAAqB;gCACrB,sBAAsB;6BACvB,CAAC;4BACF,IAAI,iBAAiB,EAAE,CAAC;gCACtB,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;4BACzC,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAC1E,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;gCAC/F,gBAAgB,EAAE,IAAI;gCACtB,MAAM,EAAE,IAAI;gCACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;oCAClC,mBAAmB,EAAE,GAAG;iCACzB,CAEA;6BACF,CAAC,CAAC;4BACH,MAAM,UAAU,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;4BACpE,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;gCAC1B,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oCACtD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACxG,MAAM,IAAI,KAAK,CAAC,4CAA4C,aAAa,EAAE,CAAC,CAAC;gCAC/E,CAAC;qCAAM,CAAC;oCACN,kBAAkB;oCAClB,MAAM,IAAI,KAAK,CAAC,oCAAoC,MAAA,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,mCAAI,eAAe,EAAE,CAAC,CAAC;gCACvJ,CAAC;4BACH,CAAC;4BACD,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAA,uBAAc,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;4BAC7E,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gCACxB,IAAI,CAAC,IAAI,CAAC,uCAAuC,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;4BACjG,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,6DAA6D,cAAc,EAAE,CAAC,CAAC;4BACzF,MAAM,CAAC,cAAc,CAAC,mCACjB,YAAY,KACf,SAAS,EAAE,SAAS,GACrB,CAAC;wBACJ,CAAC,CAAA,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAmD,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9F,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,qBAAqE,EAAE,IAA+B;;YACvI,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAChF,MAAM,IAAI,CAAC,KAAK,CAAC,0BAA0B,cAAc,EAAE,EAAE,GAAS,EAAE;oBACtE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE;wBACrE,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,MAAM;wBAC9D,yBAAyB,EAAE,IAAI,CAAC,yBAAyB;wBACzD,OAAO,EAAE,IAAI,CAAC,OAAO;qBACtB,CAAC,CAAC;oBACH,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,CAAC,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;oBACpI,MAAM,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC;gBACxC,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,uBAAuB,CAAC,KAAa,EAAE,IAA+B;;YACjF,MAAM,MAAM,GAAgD,EAAE,CAAC;YAE/D,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC3E,IAAI,kBAAkB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;gBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;gBAC3D,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;gBAC7E,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;gBAC1H,MAAM,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC;YACxC,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB,CAAC,cAAsB,EAAE,IAA+B;;;YACzF,MAAM,OAAO,GAAG,MAAA,IAAI,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,kBAAkB;YAClB,MAAM,UAAU,GAAG;gBACjB,QAAQ;gBACR,sBAAsB;gBACtB,qBAAqB;gBACrB,2BAA2B,EAAE,6CAA6C;gBAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;aAChE,CAAC;YACF,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC3B,+DAA+D;gBAC/D,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;YACvE,CAAC;YAED,IAAI,SAA4B,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC1E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;gBACnD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;oBAC/F,gBAAgB,EAAE,IAAI;oBACtB,MAAM,EAAE,IAAI;oBACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;wBAClC,mBAAmB,EAAE,GAAG;qBACzB,CAA4B;iBAC9B,CAAC,CAAC;gBACH,MAAM,YAAY,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBACtE,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;oBAC3B,OAAO;wBACL,UAAU,EAAE,UAAU;wBACtB,uBAAuB,EAAE,YAAY,CAAC,uBAAwB;qBAC/D,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,IAAI,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC1D,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAC1G,SAAS,GAAG,IAAI,KAAK,CAAC,8CAA8C,aAAa,EAAE,CAAC,CAAC;wBACrF,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,CAAC;4BACjE,IAAI,CAAC,IAAI,CAAC,wEAAwE,OAAO,GAAG,CAAC,IAAI,OAAO,QAAQ,aAAa,EAAE,CAAC,CAAC;4BACjI,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;wBACxE,CAAC;6BAAM,CAAC;4BACN,MAAM,SAAS,CAAC;wBAClB,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,kBAAkB;wBAClB,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAA,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,mCAAI,eAAe,EAAE,CAAC,CAAC;oBACzJ,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,SAAS,CAAC;QAClB,CAAC;KAAA;IAEY,mBAAmB,CAAC,IAA6B;;YAC5D,MAAM,MAAM,GAA8C,EAAE,CAAC;YAC7D,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBAErE,MAAM,eAAe,GAAG,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1D,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,GAAS,EAAE;;wBAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBAChC,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,cAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAA,IAAI,CAAC,IAAI,mCAAI,YAAY,gBAAgB,CAAC,CAAC;wBAC5F,MAAM,QAAQ,GAAG,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC1B,IAAI,CAAC,OAAO,CAAC,mCAAmC,CAAC,iBAAiB,CAAC,CAAC;4BACpE,OAAO;wBACT,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CACvC;4BACE,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,0BAAwB;yBAC/B,EACD,SAAS,CACV,CAAC;wBACF,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;wBAClD,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;wBACzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;4BACzE,IAAI,CAAC,IAAI,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,WAAW,GAAG,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;4BACxB,IAAI,CAAC,IAAI,CAAC,6DAA6D,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;wBACvH,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;wBACvD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;4BAC1E,QAAQ,EAAE,OAAO;yBAClB,CAAC,CAAC;wBACH,MAAM,CAAC,CAAC,CAAC,mCACJ,YAAY,KACf,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,GACnB,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6CAA8C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACzF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,qBAAgE,EAAE,IAA+B;;YAClI,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAChF,MAAM,OAAO,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,8BAA8B,SAAS,CAAC,UAAU,EAAE,EAAE,GAAS,EAAE;oBAChF,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;wBACzC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,CAAC,IAAI,CAAC,6BAA6B,YAAY,EAAE,CAAC,CAAC;wBACvD,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,yBAAyB;4BACzB,qBAAqB;4BACrB,2BAA2B,EAAE,6CAA6C;4BAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;yBAChE,CAAA;wBACD,IAAI,IAAI,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;4BAChD,6FAA6F;4BAC7F,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;wBACvE,CAAC;wBACD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE;4BAClH,gBAAgB,EAAE,IAAI;yBACvB,CAAC,CAAC;wBACH,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BACvD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClC,CAAC;wBACD,MAAM,CAAC,YAAY,CAAC,GAAG;4BACrB,UAAU,EAAE,SAAS,CAAC,UAAU;4BAChC,UAAU,EAAE,UAAU;yBACvB,CAAC;oBACJ,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEO,gBAAgB,CAAC,iBAA2B;QAClD,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,+BAA+B,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvF,OAAO;YACL,SAAS,EAAE,qBAAU;YACrB,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAS;YACnD,YAAY,EAAE,wBAAa;SAC5B,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,iBAAiB,CAAC,iBAA2B;;QAC1D,OAAO,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,MAAA,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,0CAAE,OAAO,CAAC;IACzE,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAAC,IAA6B;QAC7D,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;QAC3E,IAAI,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,EAAC,CAAC,gBAAgB,CAAC,EAAE,YAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAC,CAAC;QACjE,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,EAAE,EAAC,aAAa,EAAE,IAAI,EAAC,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9M,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACjF,MAAM,CAAC,CAAC,CAAC,GAAG,YAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC9E,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAY;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAE3C,CAAC;QACF,OAAO,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;IAEO,MAAM,CAAO,WAAW,CAAC,QAAkB,EAAE,SAAoB,EAAE,OAAgB,EAAE,OAAgB;;YAC3G,MAAM,SAAS,GAAc,EAAE,CAAC;YAEhC,MAAM,MAAM,GAAG,IAAI,mBAAY,CAAC;gBAC9B,gBAAgB,EAAE,IAAI,wBAAiB,CAAC,UAAU,CAAC;gBACnD,aAAa,EAAE,SAAS,CAAC,SAAS;gBAClC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACvB,SAAS,CAAC,IAAI,CACZ,IAAI,mBAAY,CAAC;oBACf,YAAY,EAAE,SAAS,CAAC,QAAQ;oBAChC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;gBAC3B,SAAS,CAAC,IAAI,CACZ,IAAI,iBAAU,CAAC;oBACb,UAAU,EAAE,SAAS,CAAC,YAAY;oBAClC,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,wBAAiB,CAAC,EAAC,MAAM,EAAE,SAAS,EAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;KAAA;IAEO,MAAM,CAAC,WAAW,CAAC,MAAc;QACvC,IAAI,SAAiB,CAAC;QACtB,QAAQ,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAClD,KAAK,sBAAsB;gBACzB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;gBAC9F,MAAM;YACR,KAAK,aAAa;gBAChB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC;gBACrE,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,wBAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC;QAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,OAAO;YACL,OAAO,EAAE,IAAA,qBAAY,EAAC,MAAM,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,QAAQ,EAAE;YACnC,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AA7WD,4BA6WC"}
|
|
@@ -39,6 +39,7 @@ export interface SignAttestationManifestsResult extends ParsedBundle {
|
|
|
39
39
|
}
|
|
40
40
|
export interface VerifySignedManifestsOpts {
|
|
41
41
|
certificateIdentityRegexp: string;
|
|
42
|
+
noTransparencyLog?: boolean;
|
|
42
43
|
retries?: number;
|
|
43
44
|
}
|
|
44
45
|
export interface VerifySignedManifestsResult {
|
|
@@ -56,6 +57,7 @@ export interface SignProvenanceBlobsResult extends ParsedBundle {
|
|
|
56
57
|
}
|
|
57
58
|
export interface VerifySignedArtifactsOpts {
|
|
58
59
|
certificateIdentityRegexp: string;
|
|
60
|
+
noTransparencyLog?: boolean;
|
|
59
61
|
}
|
|
60
62
|
export interface VerifySignedArtifactsResult {
|
|
61
63
|
bundlePath: string;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@docker/actions-toolkit",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.73.0",
|
|
4
4
|
"description": "Toolkit for Docker (GitHub) Actions",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "tsc",
|
|
@@ -45,21 +45,21 @@
|
|
|
45
45
|
"registry": "https://registry.npmjs.org/"
|
|
46
46
|
},
|
|
47
47
|
"dependencies": {
|
|
48
|
-
"@actions/artifact": "^5.0.
|
|
49
|
-
"@actions/cache": "^5.0.
|
|
50
|
-
"@actions/core": "^2.0.
|
|
48
|
+
"@actions/artifact": "^5.0.2",
|
|
49
|
+
"@actions/cache": "^5.0.2",
|
|
50
|
+
"@actions/core": "^2.0.2",
|
|
51
51
|
"@actions/exec": "^2.0.0",
|
|
52
|
-
"@actions/github": "^
|
|
53
|
-
"@actions/http-client": "^3.0.
|
|
52
|
+
"@actions/github": "^7.0.0",
|
|
53
|
+
"@actions/http-client": "^3.0.1",
|
|
54
54
|
"@actions/io": "^2.0.0",
|
|
55
|
-
"@actions/tool-cache": "^
|
|
55
|
+
"@actions/tool-cache": "^3.0.0",
|
|
56
56
|
"@azure/storage-blob": "^12.29.1",
|
|
57
57
|
"@octokit/core": "^5.2.2",
|
|
58
58
|
"@octokit/plugin-rest-endpoint-methods": "^10.4.1",
|
|
59
59
|
"@sigstore/bundle": "^4.0.0",
|
|
60
|
-
"@sigstore/sign": "^4.0
|
|
61
|
-
"@sigstore/tuf": "^4.0.
|
|
62
|
-
"@sigstore/verify": "^3.
|
|
60
|
+
"@sigstore/sign": "^4.1.0",
|
|
61
|
+
"@sigstore/tuf": "^4.0.1",
|
|
62
|
+
"@sigstore/verify": "^3.1.0",
|
|
63
63
|
"async-retry": "^1.3.3",
|
|
64
64
|
"csv-parse": "^6.1.0",
|
|
65
65
|
"gunzip-maybe": "^1.4.2",
|
|
@@ -75,7 +75,7 @@
|
|
|
75
75
|
"@eslint/compat": "^2.0.0",
|
|
76
76
|
"@eslint/eslintrc": "^3.3.3",
|
|
77
77
|
"@eslint/js": "^9.39.2",
|
|
78
|
-
"@sigstore/rekor-types": "^
|
|
78
|
+
"@sigstore/rekor-types": "^4.0.0",
|
|
79
79
|
"@types/gunzip-maybe": "^1.4.3",
|
|
80
80
|
"@types/he": "^1.2.3",
|
|
81
81
|
"@types/js-yaml": "^4.0.9",
|