Skip to content

Commit 6a89e12

Browse files
kommendorkaptenkommendorkapten
authored
Add path to created attestation in a well-known summary file (#252)
* Added a new output file, where the path on local disk to each created attestation is stored. One attestation per line. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> * Added a section to the readme about the paths file Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> * store the file in RUNNER_TEMP * Ignore writing summary file for created attestations if runner_temp is not set. * prettier updates --------- Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
1 parent cbc14bb commit 6a89e12

File tree

3 files changed

+34
-0
lines changed

3 files changed

+34
-0
lines changed

README.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,12 @@ Once the attestation has been created and signed, it will be uploaded to the GH
1818
attestations API and associated with the repository from which the workflow was
1919
initiated.
2020

21+
When an attestation is created, the attestation is stored on the local
22+
filesystem used by the runner. For each attestation created, the filesystem path
23+
will be appended to the file `${RUNNER_TEMP}/created_attestation_paths.txt`.
24+
This can be used to gather all attestations created by all jobs during a the
25+
workflow.
26+
2127
Attestations can be verified using the [`attestation` command in the GitHub
2228
CLI][5].
2329

dist/index.js

Lines changed: 13 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/main.ts

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ import {
1616
import type { Subject } from '@actions/attest'
1717

1818
const ATTESTATION_FILE_NAME = 'attestation.json'
19+
const ATTESTATION_PATHS_FILE_NAME = 'created_attestation_paths.txt'
1920

2021
export type RunInputs = SubjectInputs &
2122
PredicateInputs & {
@@ -79,6 +80,20 @@ export async function run(inputs: RunInputs): Promise<void> {
7980
flag: 'a'
8081
})
8182

83+
const baseDir = process.env.RUNNER_TEMP
84+
if (baseDir) {
85+
const outputSummaryPath = path.join(baseDir, ATTESTATION_PATHS_FILE_NAME)
86+
// Append the output path to the attestations paths file
87+
fs.appendFileSync(outputSummaryPath, outputPath + os.EOL, {
88+
encoding: 'utf-8',
89+
flag: 'a'
90+
})
91+
} else {
92+
core.warning(
93+
'RUNNER_TEMP environment variable is not set. Cannot write attestation paths file.'
94+
)
95+
}
96+
8297
if (att.attestationID) {
8398
core.setOutput('attestation-id', att.attestationID)
8499
core.setOutput('attestation-url', attestationURL(att.attestationID))

0 commit comments

Comments
 (0)