Read the server url from the environment variable.

Instead of having the urls hardcoded, read them from the environment. I opted to read from the environment variable instead of the github context because it would be easier to test.
2026-04-01 03:53:14 +08:00 · 2024-05-16 10:55:41 +02:00
parent ae38557bb0
commit e60694077d
3 changed files with 58 additions and 11 deletions
--- a/packages/attest/src/endpoints.ts
+++ b/packages/attest/src/endpoints.ts
@@ -6,9 +6,6 @@ const GITHUB_ID = 'github'
 const FULCIO_PUBLIC_GOOD_URL = 'https://fulcio.sigstore.dev'
 const REKOR_PUBLIC_GOOD_URL = 'https://rekor.sigstore.dev'

-const FULCIO_INTERNAL_URL = 'https://fulcio.githubapp.com'
-const TSA_INTERNAL_URL = 'https://timestamp.githubapp.com'
-
 export type SigstoreInstance = typeof PUBLIC_GOOD_ID | typeof GITHUB_ID

 export type Endpoints = {
@@ -22,11 +19,6 @@ export const SIGSTORE_PUBLIC_GOOD: Endpoints = {
  rekorURL: REKOR_PUBLIC_GOOD_URL
 }

-export const SIGSTORE_GITHUB: Endpoints = {
-  fulcioURL: FULCIO_INTERNAL_URL,
-  tsaServerURL: TSA_INTERNAL_URL
-}
-
 export const signingEndpoints = (sigstore?: SigstoreInstance): Endpoints => {
  let instance: SigstoreInstance

@@ -45,6 +37,20 @@ export const signingEndpoints = (sigstore?: SigstoreInstance): Endpoints => {
    case PUBLIC_GOOD_ID:
      return SIGSTORE_PUBLIC_GOOD
    case GITHUB_ID:
-      return SIGSTORE_GITHUB
+      return buildGitHubEndpoints()
  }
 }
+
+function buildGitHubEndpoints(): Endpoints {
+  const serverURL = process.env.GITHUB_SERVER_URL ?? `https://github.com`
+  let url = serverURL.replace('https://', '')
+
+  if (url === 'github.com') {
+    url = 'githubapp.com'
+  }
+  const endpoints: Endpoints = {
+    fulcioURL: `https://fulcio.${url}`,
+    tsaServerURL: `https://timestamp.${url}`
+  }
+  return endpoints
+}