actions/toolkit
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/actions/toolkit synced 2026-04-30 10:58:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

build provenance stmt from OIDC claims

Browse Source 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
This commit is contained in:
Brian DeHamer
2024-03-21 19:25:36 -07:00
parent ef77c9d60b
commit a0e6af1e53
12 changed files with 1031 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
packages/attest/README.md
View File

@@ -112,6 +112,10 @@ export type AttestProvenanceOptions = {
sigstore?: 'public-good' | 'github'
// Whether to skip writing the attestation to the GH attestations API.
skipWrite?: boolean
// Issuer URL responsible for minting the OIDC token from which the
// provenance data is read. Defaults to
// 'https://token.actions.githubusercontent.com".
issuer?: string
}
```