diff --git a/NOTICE b/NOTICE index d72195a..8910969 100644 --- a/NOTICE +++ b/NOTICE @@ -1,5 +1,5 @@ CycloneDX GitHub Action for Go Modules -Copyright (c) Niklas Düster +Copyright (c) OWASP Foundation This product includes software developed by the CycloneDX community (https://cyclonedx.org/). \ No newline at end of file diff --git a/README.md b/README.md index a233076..1a7921d 100644 --- a/README.md +++ b/README.md @@ -8,71 +8,33 @@ GitHub action to generate a CycloneDX SBOM for Go modules. ### `version` -**Required** The version of cyclonedx-gomod to use. Can be a version range, in which case the latest version matching the range is chosen. +**Required**. The version of *cyclonedx-gomod* to use. +Can be a version range, in which case the latest version matching the range is chosen. +Minimum allowed version is v1.0.0. Must either be an [existing semantic version](https://github.com/CycloneDX/cyclonedx-gomod/releases) +(e.g. `v1.0.0`, `1.0.0`) or a [version range](https://github.com/npm/node-semver#ranges). -Must either be an [existing semantic version](https://github.com/CycloneDX/cyclonedx-gomod/releases) (e.g. `v0.8.1`, `0.8.1`), [version range](https://github.com/npm/node-semver#ranges) or `latest`. +### `args` -> ⚠ Only versions `>= v0.8.1` are supported. Specifying versions below that will cause the workflow to fail. - -> Using `latest` is generally not recommended and will produce a warning, as it may fail your workflow -> unexpectedly due to breaking changes in newer *cyclonedx-gomod* versions. -> As of v0.3.0, version ranges are supported. Instead of `latest`, consider using `^v0`, `^v0.8` or similar instead. - -### `include-stdlib` - -Include Go standard library as component and dependency of the module. Default `false`. - -### `include-test` - -Include test dependencies. Default `false`. - -### `json` - -Output in JSON format. Default `false`. - -### `module` - -Path to Go module. Default `'.'`. - -### `omit-serial-number` - -Omit serial number. Default `false`. - -### `omit-version-prefix` - -Omit "v" version prefix. Default `false`. - -### `output` - -Output path. Default `'-'` (stdout). - -### `reproducible` - -Make the SBOM reproducible by omitting dynamic content. Default `false`. - -### `resolve-licenses` - -Resolve module licenses. Default `false`. - -### `type` - -Type of the main component. Default `'application'`. +**Optional**. Arguments to pass to *cyclonedx-gomod*. +Please refer to the [*cyclonedx-gomod* documentation](https://github.com/CycloneDX/cyclonedx-gomod#usage) for usage instructions. +When not set, *cyclonedx-gomod* will only be downloaded, but not executed. +It'll be made available via `$PATH` and can be used by later steps of the workflow. ## Example usage ```yaml -- name: Generate SBOM JSON +# Download and invoke cyclonedx-gomod in a single step +- name: Generate SBOM uses: CycloneDX/gh-gomod-generate-sbom@v0.3.0 with: - json: true - output: bom.json - resolve-licenses: true - version: ^v0 + version: v1 + args: mod -licenses -json -output bom.json -- name: Generate SBOM XML +# Just download cyclonedx-gomod and call it in a later step +- name: Download cyclonedx-gomod uses: CycloneDX/gh-gomod-generate-sbom@v0.3.0 with: - output: bom.xml - resolve-licenses: true - version: latest + version: v1.0.0 +- name: Generate SBOM + run: cyclonedx-gomod app -licenses -files -output bom.xml -main cmd/acme-app ``` \ No newline at end of file diff --git a/action.yml b/action.yml index 673e6f7..07b2c84 100644 --- a/action.yml +++ b/action.yml @@ -2,48 +2,18 @@ name: CycloneDX GoMod Generate SBOM author: Niklas Düster description: Github action to generate a CycloneDX SBOM for Go modules inputs: - include-stdlib: - description: Include Go standard library as component and dependency of the module - default: 'false' - required: false - include-test: - description: Include test dependencies - default: 'false' - required: false - json: - description: Output in JSON format - default: 'false' - required: false - module: - description: Path to Go module - default: '.' - required: false - omit-serial-number: - description: Omit serial number - default: 'false' - required: false - omit-version-prefix: - description: Omit "v" version prefix - default: 'false' - required: false - output: - description: Output path - default: '-' - required: false - reproducible: - description: Make the SBOM reproducible by omitting dynamic content - default: 'false' - required: false - resolve-licenses: - description: Resolve module licenses - default: 'false' - required: false - type: - description: Type of the main component - default: application + args: + description: | + Arguments to pass to cyclonedx-gomod. + Please refer to the cyclonedx-gomod documentation for usage instructions. + When not set, *cyclonedx-gomod* will only be downloaded, but not executed. + It'll be made available via $PATH and can be used by later steps of the workflow. required: false version: - description: The version of cyclonedx-gomod to use. Can be a version range, in which case the latest version matching the range is chosen + description: | + The version of cyclonedx-gomod to use. + Can be a version range, in which case the latest version matching the range is chosen. + Minimum allowed version is v1.0.0. Must either be an existing semantic version (e.g. v1.0.0, 1.0.0) or a version range. required: true runs: using: 'node12' diff --git a/index.js b/index.js index 24ffd20..c1c98ca 100644 --- a/index.js +++ b/index.js @@ -13,35 +13,24 @@ // limitations under the License. // // SPDX-License-Identifier: Apache-2.0 -// Copyright (c) Niklas Düster. All Rights Reserved. +// Copyright (c) OWASP Foundation. All Rights Reserved. const core = require('@actions/core'); const exec = require('@actions/exec'); -const fs = require('fs'); const http = require('@actions/http-client'); const io = require('@actions/io'); const os = require('os'); const path = require('path'); const semver = require('semver'); const toolCache = require('@actions/tool-cache'); -const util = require('util'); const input = { - includeStdLib: core.getBooleanInput('include-stdlib'), - includeTest: core.getBooleanInput('include-test'), - json: core.getBooleanInput('json'), - module: core.getInput('module'), - omitSerialNumber: core.getBooleanInput('omit-serial-number'), - omitVersionPrefix: core.getBooleanInput('omit-version-prefix'), - output: core.getInput('output') || '-', - reproducible: core.getBooleanInput('reproducible'), - resolveLicenses: core.getBooleanInput('resolve-licenses'), - type: core.getInput('type') || 'application', + args: core.getInput('args'), version: core.getInput('version'), }; const baseDownloadUrl = 'https://github.com/CycloneDX/cyclonedx-gomod/releases/download'; -const minimumSupportedVersion = 'v0.8.1'; +const minimumSupportedVersion = 'v1.0.0'; function buildDownloadUrl(version) { let fileExtension = "tar.gz"; @@ -52,28 +41,23 @@ function buildDownloadUrl(version) { fileExtension = 'zip'; } - let architecture = os.arch() - if (architecture === 'ia32' || architecture === 'x32') { - architecture = 'x86'; + let architecture = ''; + switch (os.arch()) { + case 'x64': + architecture = 'amd64'; + break; + case 'ia32': + case 'x32': + architecture = '386'; + break; + default: + architecture = os.arch(); + break; } return `${baseDownloadUrl}/v${version}/cyclonedx-gomod_${version}_${platform}_${architecture}.${fileExtension}`; } -async function getLatestReleaseVersion(httpClient) { - core.info('Determining latest release version of cyclonedx-gomod'); - const responseJson = await httpClient.getJson('https://api.github.com/repos/CycloneDX/cyclonedx-gomod/releases/latest'); - if (responseJson === null) { // HTTP 404 - throw new Error('Fetching latest release of cyclonedx-gomod failed: not found'); - } else if (responseJson.statusCode !== 200) { - throw new Error(`Unexpected response status: ${responseJson.statusCode}`); - } - - const version = responseJson.result.tag_name; - core.info(`Latest version is ${version}`); - return version; -} - async function getReleaseVersionMatchingRange(httpClient, range) { core.info(`Determining latest release version of cyclonedx-gomod satisfying "${range}"`); const responseJson = await httpClient.getJson('https://api.github.com/repos/CycloneDX/cyclonedx-gomod/releases'); @@ -98,11 +82,14 @@ async function install(version) { core.info('Extracting archive'); let installDir = ""; if (downloadUrl.endsWith('.zip')) { - installDir = await toolCache.extractZip(archivePath, process.env.HOME); + installDir = await toolCache.extractZip(archivePath); } else { - installDir = await toolCache.extractTar(archivePath, process.env.HOME); + installDir = await toolCache.extractTar(archivePath); } + core.info(`Adding ${installDir} to \$PATH`) + core.addPath(installDir); + return path.join(installDir, 'cyclonedx-gomod'); } @@ -114,56 +101,20 @@ async function run() { await io.which('go', true); let versionToInstall = input.version; - if (versionToInstall.toLowerCase() === 'latest') { - core.warning('Using version "latest" is not recommended, please use version ranges instead!'); - versionToInstall = await getLatestReleaseVersion(httpClient); - } else { - if (!semver.validRange(versionToInstall)) { - throw new Error('version must be a valid version range, see https://github.com/npm/node-semver#advanced-range-syntax') - } - - versionToInstall = await getReleaseVersionMatchingRange(httpClient, versionToInstall); - - if (semver.lt(versionToInstall, minimumSupportedVersion)) { - throw new Error(`cyclonedx-gomod versions below ${minimumSupportedVersion} are not supported`); - } + if (!semver.validRange(versionToInstall)) { + throw new Error('version must be a valid version range, see https://github.com/npm/node-semver#advanced-range-syntax') } - - const binaryPath = await install(versionToInstall.replace(/^v/, '')); - - // Assemble cyclonedx-gomod arguments - let args = ['-output', input.output, '-type', input.type]; - if (input.includeStdLib) { - args.push('-std'); - } - if (input.includeTest) { - args.push('-test'); - } - if (input.json) { - args.push('-json'); - } - if (input.module !== '') { - args.push('-module', input.module); - } - if (input.omitSerialNumber) { - args.push('-noserial'); - } - if (input.omitVersionPrefix) { - args.push('-novprefix'); - } - if (input.reproducible) { - args.push('-reproducible'); - } - if (input.resolveLicenses) { - args.push('-licenses'); + versionToInstall = await getReleaseVersionMatchingRange(httpClient, versionToInstall); + if (semver.lt(versionToInstall, minimumSupportedVersion)) { + throw new Error(`cyclonedx-gomod versions below ${minimumSupportedVersion} are not supported`); } - await exec.exec(binaryPath, args); + const binaryPath = await install(versionToInstall.replace(/^v/, '')); - if (input.output !== '-') { - const readFile = util.promisify(fs.readFile); - const sbomContent = await readFile(input.output); - core.info(`SBOM content:\n${sbomContent.toString('utf-8')}`); + if (input.args != '') { + await exec.exec(binaryPath, input.args.split(/\s+/)); + } else { + core.info('no arguments configured, will not execute cyclonedx-gomod') } } catch (error) { core.setFailed(error.message); diff --git a/node_modules/@actions/core/README.md b/node_modules/@actions/core/README.md index deffaa5..8f227a8 100644 --- a/node_modules/@actions/core/README.md +++ b/node_modules/@actions/core/README.md @@ -92,6 +92,8 @@ try { // Do stuff core.info('Output to the actions build log') + + core.notice('This is a message that will also emit an annotation') } catch (err) { core.error(`Error ${err}, action may still succeed though`); @@ -115,6 +117,59 @@ const result = await core.group('Do something async', async () => { }) ``` +#### Annotations + +This library has 3 methods that will produce [annotations](https://docs.github.com/en/rest/reference/checks#create-a-check-run). +```js +core.error('This is a bad error. This will also fail the build.') + +core.warning('Something went wrong, but it\'s not bad enough to fail the build.') + +core.notice('Something happened that you might want to know about.') +``` + +These will surface to the UI in the Actions page and on Pull Requests. They look something like this: + +![Annotations Image](../../docs/assets/annotations.png) + +These annotations can also be attached to particular lines and columns of your source files to show exactly where a problem is occuring. + +These options are: +```typescript +export interface AnnotationProperties { + /** + * A title for the annotation. + */ + title?: string + + /** + * The name of the file for which the annotation should be created. + */ + file?: string + + /** + * The start line for the annotation. + */ + startLine?: number + + /** + * The end line for the annotation. Defaults to `startLine` when `startLine` is provided. + */ + endLine?: number + + /** + * The start column for the annotation. Cannot be sent when `startLine` and `endLine` are different values. + */ + startColumn?: number + + /** + * The start column for the annotation. Cannot be sent when `startLine` and `endLine` are different values. + * Defaults to `startColumn` when `startColumn` is provided. + */ + endColumn?: number +} +``` + #### Styling output Colored output is supported in the Action logs via standard [ANSI escape codes](https://en.wikipedia.org/wiki/ANSI_escape_code). 3/4 bit, 8 bit and 24 bit colors are all supported. @@ -207,3 +262,51 @@ var pid = core.getState("pidToKill"); process.kill(pid); ``` + +#### OIDC Token + +You can use these methods to interact with the GitHub OIDC provider and get a JWT ID token which would help to get access token from third party cloud providers. + +**Method Name**: getIDToken() + +**Inputs** + +audience : optional + +**Outputs** + +A [JWT](https://jwt.io/) ID Token + +In action's `main.ts`: +```js +const core = require('@actions/core'); +async function getIDTokenAction(): Promise { + + const audience = core.getInput('audience', {required: false}) + + const id_token1 = await core.getIDToken() // ID Token with default audience + const id_token2 = await core.getIDToken(audience) // ID token with custom audience + + // this id_token can be used to get access token from third party cloud providers +} +getIDTokenAction() +``` + +In action's `actions.yml`: + +```yaml +name: 'GetIDToken' +description: 'Get ID token from Github OIDC provider' +inputs: + audience: + description: 'Audience for which the ID token is intended for' + required: false +outputs: + id_token1: + description: 'ID token obtained from OIDC provider' + id_token2: + description: 'ID token obtained from OIDC provider' +runs: + using: 'node12' + main: 'dist/index.js' +``` \ No newline at end of file diff --git a/node_modules/@actions/core/lib/command.d.ts b/node_modules/@actions/core/lib/command.d.ts index 89eff66..53f8f4b 100644 --- a/node_modules/@actions/core/lib/command.d.ts +++ b/node_modules/@actions/core/lib/command.d.ts @@ -1,4 +1,4 @@ -interface CommandProperties { +export interface CommandProperties { [key: string]: any; } /** @@ -13,4 +13,3 @@ interface CommandProperties { */ export declare function issueCommand(command: string, properties: CommandProperties, message: any): void; export declare function issue(name: string, message?: string): void; -export {}; diff --git a/node_modules/@actions/core/lib/core.d.ts b/node_modules/@actions/core/lib/core.d.ts index 6735251..356872e 100644 --- a/node_modules/@actions/core/lib/core.d.ts +++ b/node_modules/@actions/core/lib/core.d.ts @@ -20,6 +20,37 @@ export declare enum ExitCode { */ Failure = 1 } +/** + * Optional properties that can be sent with annotatation commands (notice, error, and warning) + * See: https://docs.github.com/en/rest/reference/checks#create-a-check-run for more information about annotations. + */ +export interface AnnotationProperties { + /** + * A title for the annotation. + */ + title?: string; + /** + * The path of the file for which the annotation should be created. + */ + file?: string; + /** + * The start line for the annotation. + */ + startLine?: number; + /** + * The end line for the annotation. Defaults to `startLine` when `startLine` is provided. + */ + endLine?: number; + /** + * The start column for the annotation. Cannot be sent when `startLine` and `endLine` are different values. + */ + startColumn?: number; + /** + * The start column for the annotation. Cannot be sent when `startLine` and `endLine` are different values. + * Defaults to `startColumn` when `startColumn` is provided. + */ + endColumn?: number; +} /** * Sets env variable for this action and future actions in the job * @param name the name of the variable to set @@ -97,13 +128,21 @@ export declare function debug(message: string): void; /** * Adds an error issue * @param message error issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. */ -export declare function error(message: string | Error): void; +export declare function error(message: string | Error, properties?: AnnotationProperties): void; /** - * Adds an warning issue + * Adds a warning issue * @param message warning issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +export declare function warning(message: string | Error, properties?: AnnotationProperties): void; +/** + * Adds a notice issue + * @param message notice issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. */ -export declare function warning(message: string | Error): void; +export declare function notice(message: string | Error, properties?: AnnotationProperties): void; /** * Writes info to log with console.log. * @param message info message @@ -144,3 +183,4 @@ export declare function saveState(name: string, value: any): void; * @returns string */ export declare function getState(name: string): string; +export declare function getIDToken(aud?: string): Promise; diff --git a/node_modules/@actions/core/lib/core.js b/node_modules/@actions/core/lib/core.js index f9dbee3..e0ceced 100644 --- a/node_modules/@actions/core/lib/core.js +++ b/node_modules/@actions/core/lib/core.js @@ -28,12 +28,13 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }); }; Object.defineProperty(exports, "__esModule", { value: true }); -exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; +exports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; const command_1 = require("./command"); const file_command_1 = require("./file-command"); const utils_1 = require("./utils"); const os = __importStar(require("os")); const path = __importStar(require("path")); +const oidc_utils_1 = require("./oidc-utils"); /** * The code to exit an action */ @@ -206,19 +207,30 @@ exports.debug = debug; /** * Adds an error issue * @param message error issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. */ -function error(message) { - command_1.issue('error', message instanceof Error ? message.toString() : message); +function error(message, properties = {}) { + command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); } exports.error = error; /** - * Adds an warning issue + * Adds a warning issue * @param message warning issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. */ -function warning(message) { - command_1.issue('warning', message instanceof Error ? message.toString() : message); +function warning(message, properties = {}) { + command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); } exports.warning = warning; +/** + * Adds a notice issue + * @param message notice issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function notice(message, properties = {}) { + command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.notice = notice; /** * Writes info to log with console.log. * @param message info message @@ -291,4 +303,10 @@ function getState(name) { return process.env[`STATE_${name}`] || ''; } exports.getState = getState; +function getIDToken(aud) { + return __awaiter(this, void 0, void 0, function* () { + return yield oidc_utils_1.OidcClient.getIDToken(aud); + }); +} +exports.getIDToken = getIDToken; //# sourceMappingURL=core.js.map \ No newline at end of file diff --git a/node_modules/@actions/core/lib/core.js.map b/node_modules/@actions/core/lib/core.js.map index 8bd42c0..087a91d 100644 --- a/node_modules/@actions/core/lib/core.js.map +++ b/node_modules/@actions/core/lib/core.js.map @@ -1 +1 @@ -{"version":3,"file":"core.js","sourceRoot":"","sources":["../src/core.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA6C;AAC7C,iDAA+D;AAC/D,mCAAsC;AAEtC,uCAAwB;AACxB,2CAA4B;AAa5B;;GAEG;AACH,IAAY,QAUX;AAVD,WAAY,QAAQ;IAClB;;OAEG;IACH,6CAAW,CAAA;IAEX;;OAEG;IACH,6CAAW,CAAA;AACb,CAAC,EAVW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAUnB;AAED,yEAAyE;AACzE,YAAY;AACZ,yEAAyE;AAEzE;;;;GAIG;AACH,8DAA8D;AAC9D,SAAgB,cAAc,CAAC,IAAY,EAAE,GAAQ;IACnD,MAAM,YAAY,GAAG,sBAAc,CAAC,GAAG,CAAC,CAAA;IACxC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,YAAY,CAAA;IAEhC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;IAChD,IAAI,QAAQ,EAAE;QACZ,MAAM,SAAS,GAAG,qCAAqC,CAAA;QACvD,MAAM,YAAY,GAAG,GAAG,IAAI,KAAK,SAAS,GAAG,EAAE,CAAC,GAAG,GAAG,YAAY,GAAG,EAAE,CAAC,GAAG,GAAG,SAAS,EAAE,CAAA;QACzF,2BAAgB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAA;KACtC;SAAM;QACL,sBAAY,CAAC,SAAS,EAAE,EAAC,IAAI,EAAC,EAAE,YAAY,CAAC,CAAA;KAC9C;AACH,CAAC;AAZD,wCAYC;AAED;;;GAGG;AACH,SAAgB,SAAS,CAAC,MAAc;IACtC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;AACtC,CAAC;AAFD,8BAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,SAAiB;IACvC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAA;IACjD,IAAI,QAAQ,EAAE;QACZ,2BAAgB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;KACpC;SAAM;QACL,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;KACxC;IACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAA;AAC7E,CAAC;AARD,0BAQC;AAED;;;;;;;;GAQG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,OAAsB;IAC3D,MAAM,GAAG,GACP,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,IAAI,EAAE,CAAA;IACrE,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAA;KAC5D;IAED,IAAI,OAAO,IAAI,OAAO,CAAC,cAAc,KAAK,KAAK,EAAE;QAC/C,OAAO,GAAG,CAAA;KACX;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAA;AACnB,CAAC;AAZD,4BAYC;AAED;;;;;;;GAOG;AACH,SAAgB,iBAAiB,CAC/B,IAAY,EACZ,OAAsB;IAEtB,MAAM,MAAM,GAAa,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC;SAC7C,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAA;IAExB,OAAO,MAAM,CAAA;AACf,CAAC;AATD,8CASC;AAED;;;;;;;;;GASG;AACH,SAAgB,eAAe,CAAC,IAAY,EAAE,OAAsB;IAClE,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAA;IAC1C,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IAC9C,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IACnC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACxC,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAA;IAC1C,MAAM,IAAI,SAAS,CACjB,6DAA6D,IAAI,IAAI;QACnE,4EAA4E,CAC/E,CAAA;AACH,CAAC;AAVD,0CAUC;AAED;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;IAC5B,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAHD,8BAGC;AAED;;;;GAIG;AACH,SAAgB,cAAc,CAAC,OAAgB;IAC7C,eAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;AACvC,CAAC;AAFD,wCAEC;AAED,yEAAyE;AACzE,UAAU;AACV,yEAAyE;AAEzE;;;;GAIG;AACH,SAAgB,SAAS,CAAC,OAAuB;IAC/C,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAA;IAEnC,KAAK,CAAC,OAAO,CAAC,CAAA;AAChB,CAAC;AAJD,8BAIC;AAED,yEAAyE;AACzE,mBAAmB;AACnB,yEAAyE;AAEzE;;GAEG;AACH,SAAgB,OAAO;IACrB,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,GAAG,CAAA;AAC5C,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAe;IACnC,sBAAY,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACpC,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAuB;IAC3C,eAAK,CAAC,OAAO,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;AACzE,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,OAAuB;IAC7C,eAAK,CAAC,SAAS,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;AAC3E,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,IAAI,CAAC,OAAe;IAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AACxC,CAAC;AAFD,oBAEC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,IAAY;IACrC,eAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACtB,CAAC;AAFD,gCAEC;AAED;;GAEG;AACH,SAAgB,QAAQ;IACtB,eAAK,CAAC,UAAU,CAAC,CAAA;AACnB,CAAC;AAFD,4BAEC;AAED;;;;;;;GAOG;AACH,SAAsB,KAAK,CAAI,IAAY,EAAE,EAAoB;;QAC/D,UAAU,CAAC,IAAI,CAAC,CAAA;QAEhB,IAAI,MAAS,CAAA;QAEb,IAAI;YACF,MAAM,GAAG,MAAM,EAAE,EAAE,CAAA;SACpB;gBAAS;YACR,QAAQ,EAAE,CAAA;SACX;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAZD,sBAYC;AAED,yEAAyE;AACzE,uBAAuB;AACvB,yEAAyE;AAEzE;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,IAAY;IACnC,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,IAAI,EAAE,CAAA;AAC3C,CAAC;AAFD,4BAEC"} \ No newline at end of file +{"version":3,"file":"core.js","sourceRoot":"","sources":["../src/core.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA6C;AAC7C,iDAA+D;AAC/D,mCAA2D;AAE3D,uCAAwB;AACxB,2CAA4B;AAE5B,6CAAuC;AAavC;;GAEG;AACH,IAAY,QAUX;AAVD,WAAY,QAAQ;IAClB;;OAEG;IACH,6CAAW,CAAA;IAEX;;OAEG;IACH,6CAAW,CAAA;AACb,CAAC,EAVW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAUnB;AAuCD,yEAAyE;AACzE,YAAY;AACZ,yEAAyE;AAEzE;;;;GAIG;AACH,8DAA8D;AAC9D,SAAgB,cAAc,CAAC,IAAY,EAAE,GAAQ;IACnD,MAAM,YAAY,GAAG,sBAAc,CAAC,GAAG,CAAC,CAAA;IACxC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,YAAY,CAAA;IAEhC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;IAChD,IAAI,QAAQ,EAAE;QACZ,MAAM,SAAS,GAAG,qCAAqC,CAAA;QACvD,MAAM,YAAY,GAAG,GAAG,IAAI,KAAK,SAAS,GAAG,EAAE,CAAC,GAAG,GAAG,YAAY,GAAG,EAAE,CAAC,GAAG,GAAG,SAAS,EAAE,CAAA;QACzF,2BAAgB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAA;KACtC;SAAM;QACL,sBAAY,CAAC,SAAS,EAAE,EAAC,IAAI,EAAC,EAAE,YAAY,CAAC,CAAA;KAC9C;AACH,CAAC;AAZD,wCAYC;AAED;;;GAGG;AACH,SAAgB,SAAS,CAAC,MAAc;IACtC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;AACtC,CAAC;AAFD,8BAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,SAAiB;IACvC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAA;IACjD,IAAI,QAAQ,EAAE;QACZ,2BAAgB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;KACpC;SAAM;QACL,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;KACxC;IACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAA;AAC7E,CAAC;AARD,0BAQC;AAED;;;;;;;;GAQG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,OAAsB;IAC3D,MAAM,GAAG,GACP,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,IAAI,EAAE,CAAA;IACrE,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAA;KAC5D;IAED,IAAI,OAAO,IAAI,OAAO,CAAC,cAAc,KAAK,KAAK,EAAE;QAC/C,OAAO,GAAG,CAAA;KACX;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAA;AACnB,CAAC;AAZD,4BAYC;AAED;;;;;;;GAOG;AACH,SAAgB,iBAAiB,CAC/B,IAAY,EACZ,OAAsB;IAEtB,MAAM,MAAM,GAAa,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC;SAC7C,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAA;IAExB,OAAO,MAAM,CAAA;AACf,CAAC;AATD,8CASC;AAED;;;;;;;;;GASG;AACH,SAAgB,eAAe,CAAC,IAAY,EAAE,OAAsB;IAClE,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAA;IAC1C,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IAC9C,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IACnC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACxC,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAA;IAC1C,MAAM,IAAI,SAAS,CACjB,6DAA6D,IAAI,IAAI;QACnE,4EAA4E,CAC/E,CAAA;AACH,CAAC;AAVD,0CAUC;AAED;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;IAC5B,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAHD,8BAGC;AAED;;;;GAIG;AACH,SAAgB,cAAc,CAAC,OAAgB;IAC7C,eAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;AACvC,CAAC;AAFD,wCAEC;AAED,yEAAyE;AACzE,UAAU;AACV,yEAAyE;AAEzE;;;;GAIG;AACH,SAAgB,SAAS,CAAC,OAAuB;IAC/C,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAA;IAEnC,KAAK,CAAC,OAAO,CAAC,CAAA;AAChB,CAAC;AAJD,8BAIC;AAED,yEAAyE;AACzE,mBAAmB;AACnB,yEAAyE;AAEzE;;GAEG;AACH,SAAgB,OAAO;IACrB,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,GAAG,CAAA;AAC5C,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAe;IACnC,sBAAY,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACpC,CAAC;AAFD,sBAEC;AAED;;;;GAIG;AACH,SAAgB,KAAK,CACnB,OAAuB,EACvB,aAAmC,EAAE;IAErC,sBAAY,CACV,OAAO,EACP,2BAAmB,CAAC,UAAU,CAAC,EAC/B,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CACxD,CAAA;AACH,CAAC;AATD,sBASC;AAED;;;;GAIG;AACH,SAAgB,OAAO,CACrB,OAAuB,EACvB,aAAmC,EAAE;IAErC,sBAAY,CACV,SAAS,EACT,2BAAmB,CAAC,UAAU,CAAC,EAC/B,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CACxD,CAAA;AACH,CAAC;AATD,0BASC;AAED;;;;GAIG;AACH,SAAgB,MAAM,CACpB,OAAuB,EACvB,aAAmC,EAAE;IAErC,sBAAY,CACV,QAAQ,EACR,2BAAmB,CAAC,UAAU,CAAC,EAC/B,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CACxD,CAAA;AACH,CAAC;AATD,wBASC;AAED;;;GAGG;AACH,SAAgB,IAAI,CAAC,OAAe;IAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AACxC,CAAC;AAFD,oBAEC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,IAAY;IACrC,eAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACtB,CAAC;AAFD,gCAEC;AAED;;GAEG;AACH,SAAgB,QAAQ;IACtB,eAAK,CAAC,UAAU,CAAC,CAAA;AACnB,CAAC;AAFD,4BAEC;AAED;;;;;;;GAOG;AACH,SAAsB,KAAK,CAAI,IAAY,EAAE,EAAoB;;QAC/D,UAAU,CAAC,IAAI,CAAC,CAAA;QAEhB,IAAI,MAAS,CAAA;QAEb,IAAI;YACF,MAAM,GAAG,MAAM,EAAE,EAAE,CAAA;SACpB;gBAAS;YACR,QAAQ,EAAE,CAAA;SACX;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAZD,sBAYC;AAED,yEAAyE;AACzE,uBAAuB;AACvB,yEAAyE;AAEzE;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,IAAY;IACnC,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,IAAI,EAAE,CAAA;AAC3C,CAAC;AAFD,4BAEC;AAED,SAAsB,UAAU,CAAC,GAAY;;QAC3C,OAAO,MAAM,uBAAU,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IACzC,CAAC;CAAA;AAFD,gCAEC"} \ No newline at end of file diff --git a/node_modules/@actions/core/lib/oidc-utils.d.ts b/node_modules/@actions/core/lib/oidc-utils.d.ts new file mode 100644 index 0000000..657c7f4 --- /dev/null +++ b/node_modules/@actions/core/lib/oidc-utils.d.ts @@ -0,0 +1,7 @@ +export declare class OidcClient { + private static createHttpClient; + private static getRequestToken; + private static getIDTokenUrl; + private static getCall; + static getIDToken(audience?: string): Promise; +} diff --git a/node_modules/@actions/core/lib/oidc-utils.js b/node_modules/@actions/core/lib/oidc-utils.js new file mode 100644 index 0000000..9ee10fa --- /dev/null +++ b/node_modules/@actions/core/lib/oidc-utils.js @@ -0,0 +1,77 @@ +"use strict"; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.OidcClient = void 0; +const http_client_1 = require("@actions/http-client"); +const auth_1 = require("@actions/http-client/auth"); +const core_1 = require("./core"); +class OidcClient { + static createHttpClient(allowRetry = true, maxRetry = 10) { + const requestOptions = { + allowRetries: allowRetry, + maxRetries: maxRetry + }; + return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions); + } + static getRequestToken() { + const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN']; + if (!token) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable'); + } + return token; + } + static getIDTokenUrl() { + const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL']; + if (!runtimeUrl) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable'); + } + return runtimeUrl; + } + static getCall(id_token_url) { + var _a; + return __awaiter(this, void 0, void 0, function* () { + const httpclient = OidcClient.createHttpClient(); + const res = yield httpclient + .getJson(id_token_url) + .catch(error => { + throw new Error(`Failed to get ID Token. \n + Error Code : ${error.statusCode}\n + Error Message: ${error.result.message}`); + }); + const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value; + if (!id_token) { + throw new Error('Response json body do not have ID Token field'); + } + return id_token; + }); + } + static getIDToken(audience) { + return __awaiter(this, void 0, void 0, function* () { + try { + // New ID Token is requested from action service + let id_token_url = OidcClient.getIDTokenUrl(); + if (audience) { + const encodedAudience = encodeURIComponent(audience); + id_token_url = `${id_token_url}&audience=${encodedAudience}`; + } + core_1.debug(`ID token url is ${id_token_url}`); + const id_token = yield OidcClient.getCall(id_token_url); + core_1.setSecret(id_token); + return id_token; + } + catch (error) { + throw new Error(`Error message: ${error.message}`); + } + }); + } +} +exports.OidcClient = OidcClient; +//# sourceMappingURL=oidc-utils.js.map \ No newline at end of file diff --git a/node_modules/@actions/core/lib/oidc-utils.js.map b/node_modules/@actions/core/lib/oidc-utils.js.map new file mode 100644 index 0000000..0ddbca9 --- /dev/null +++ b/node_modules/@actions/core/lib/oidc-utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"oidc-utils.js","sourceRoot":"","sources":["../src/oidc-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,sDAA+C;AAC/C,oDAAiE;AACjE,iCAAuC;AAKvC,MAAa,UAAU;IACb,MAAM,CAAC,gBAAgB,CAC7B,UAAU,GAAG,IAAI,EACjB,QAAQ,GAAG,EAAE;QAEb,MAAM,cAAc,GAAoB;YACtC,YAAY,EAAE,UAAU;YACxB,UAAU,EAAE,QAAQ;SACrB,CAAA;QAED,OAAO,IAAI,wBAAU,CACnB,qBAAqB,EACrB,CAAC,IAAI,8BAAuB,CAAC,UAAU,CAAC,eAAe,EAAE,CAAC,CAAC,EAC3D,cAAc,CACf,CAAA;IACH,CAAC;IAEO,MAAM,CAAC,eAAe;QAC5B,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAA;QAC3D,IAAI,CAAC,KAAK,EAAE;YACV,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAA;SACF;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAEO,MAAM,CAAC,aAAa;QAC1B,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAA;QAC9D,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAA;SAC3E;QACD,OAAO,UAAU,CAAA;IACnB,CAAC;IAEO,MAAM,CAAO,OAAO,CAAC,YAAoB;;;YAC/C,MAAM,UAAU,GAAG,UAAU,CAAC,gBAAgB,EAAE,CAAA;YAEhD,MAAM,GAAG,GAAG,MAAM,UAAU;iBACzB,OAAO,CAAgB,YAAY,CAAC;iBACpC,KAAK,CAAC,KAAK,CAAC,EAAE;gBACb,MAAM,IAAI,KAAK,CACb;uBACa,KAAK,CAAC,UAAU;yBACd,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,CACtC,CAAA;YACH,CAAC,CAAC,CAAA;YAEJ,MAAM,QAAQ,SAAG,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAA;YAClC,IAAI,CAAC,QAAQ,EAAE;gBACb,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAA;aACjE;YACD,OAAO,QAAQ,CAAA;;KAChB;IAED,MAAM,CAAO,UAAU,CAAC,QAAiB;;YACvC,IAAI;gBACF,gDAAgD;gBAChD,IAAI,YAAY,GAAW,UAAU,CAAC,aAAa,EAAE,CAAA;gBACrD,IAAI,QAAQ,EAAE;oBACZ,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAA;oBACpD,YAAY,GAAG,GAAG,YAAY,aAAa,eAAe,EAAE,CAAA;iBAC7D;gBAED,YAAK,CAAC,mBAAmB,YAAY,EAAE,CAAC,CAAA;gBAExC,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAAA;gBACvD,gBAAS,CAAC,QAAQ,CAAC,CAAA;gBACnB,OAAO,QAAQ,CAAA;aAChB;YAAC,OAAO,KAAK,EAAE;gBACd,MAAM,IAAI,KAAK,CAAC,kBAAkB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;aACnD;QACH,CAAC;KAAA;CACF;AAzED,gCAyEC"} \ No newline at end of file diff --git a/node_modules/@actions/core/lib/utils.d.ts b/node_modules/@actions/core/lib/utils.d.ts index b39c9be..3b9e28d 100644 --- a/node_modules/@actions/core/lib/utils.d.ts +++ b/node_modules/@actions/core/lib/utils.d.ts @@ -1,5 +1,14 @@ +import { AnnotationProperties } from './core'; +import { CommandProperties } from './command'; /** * Sanitizes an input into a string so it can be passed into issueCommand safely * @param input input to sanitize into a string */ export declare function toCommandValue(input: any): string; +/** + * + * @param annotationProperties + * @returns The command properties to send with the actual annotation command + * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646 + */ +export declare function toCommandProperties(annotationProperties: AnnotationProperties): CommandProperties; diff --git a/node_modules/@actions/core/lib/utils.js b/node_modules/@actions/core/lib/utils.js index e83052e..9b5ca44 100644 --- a/node_modules/@actions/core/lib/utils.js +++ b/node_modules/@actions/core/lib/utils.js @@ -2,7 +2,7 @@ // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ Object.defineProperty(exports, "__esModule", { value: true }); -exports.toCommandValue = void 0; +exports.toCommandProperties = exports.toCommandValue = void 0; /** * Sanitizes an input into a string so it can be passed into issueCommand safely * @param input input to sanitize into a string @@ -17,4 +17,24 @@ function toCommandValue(input) { return JSON.stringify(input); } exports.toCommandValue = toCommandValue; +/** + * + * @param annotationProperties + * @returns The command properties to send with the actual annotation command + * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646 + */ +function toCommandProperties(annotationProperties) { + if (!Object.keys(annotationProperties).length) { + return {}; + } + return { + title: annotationProperties.title, + file: annotationProperties.file, + line: annotationProperties.startLine, + endLine: annotationProperties.endLine, + col: annotationProperties.startColumn, + endColumn: annotationProperties.endColumn + }; +} +exports.toCommandProperties = toCommandProperties; //# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/node_modules/@actions/core/lib/utils.js.map b/node_modules/@actions/core/lib/utils.js.map index 6b68d95..8211bb7 100644 --- a/node_modules/@actions/core/lib/utils.js.map +++ b/node_modules/@actions/core/lib/utils.js.map @@ -1 +1 @@ -{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";AAAA,mCAAmC;AACnC,uDAAuD;;;AAEvD;;;GAGG;AACH,SAAgB,cAAc,CAAC,KAAU;IACvC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE;QACzC,OAAO,EAAE,CAAA;KACV;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,MAAM,EAAE;QAC/D,OAAO,KAAe,CAAA;KACvB;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC9B,CAAC;AAPD,wCAOC"} \ No newline at end of file +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";AAAA,mCAAmC;AACnC,uDAAuD;;;AAKvD;;;GAGG;AACH,SAAgB,cAAc,CAAC,KAAU;IACvC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE;QACzC,OAAO,EAAE,CAAA;KACV;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,MAAM,EAAE;QAC/D,OAAO,KAAe,CAAA;KACvB;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC9B,CAAC;AAPD,wCAOC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CACjC,oBAA0C;IAE1C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM,EAAE;QAC7C,OAAO,EAAE,CAAA;KACV;IAED,OAAO;QACL,KAAK,EAAE,oBAAoB,CAAC,KAAK;QACjC,IAAI,EAAE,oBAAoB,CAAC,IAAI;QAC/B,IAAI,EAAE,oBAAoB,CAAC,SAAS;QACpC,OAAO,EAAE,oBAAoB,CAAC,OAAO;QACrC,GAAG,EAAE,oBAAoB,CAAC,WAAW;QACrC,SAAS,EAAE,oBAAoB,CAAC,SAAS;KAC1C,CAAA;AACH,CAAC;AAfD,kDAeC"} \ No newline at end of file diff --git a/node_modules/@actions/core/package.json b/node_modules/@actions/core/package.json index 9403749..278737d 100644 --- a/node_modules/@actions/core/package.json +++ b/node_modules/@actions/core/package.json @@ -1,16 +1,44 @@ { - "name": "@actions/core", - "version": "1.4.0", - "description": "Actions core lib", - "keywords": [ - "github", - "actions", - "core" + "_args": [ + [ + "@actions/core@1.6.0", + "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom" + ] ], - "homepage": "https://github.com/actions/toolkit/tree/main/packages/core", - "license": "MIT", - "main": "lib/core.js", - "types": "lib/core.d.ts", + "_from": "@actions/core@1.6.0", + "_id": "@actions/core@1.6.0", + "_inBundle": false, + "_integrity": "sha512-NB1UAZomZlCV/LmJqkLhNTqtKfFXJZAUPcfl/zqG7EfsQdeUJtaWO98SGbuQ3pydJ3fHl2CvI/51OKYlCYYcaw==", + "_location": "/@actions/core", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@actions/core@1.6.0", + "name": "@actions/core", + "escapedName": "@actions%2fcore", + "scope": "@actions", + "rawSpec": "1.6.0", + "saveSpec": null, + "fetchSpec": "1.6.0" + }, + "_requiredBy": [ + "/", + "/@actions/tool-cache" + ], + "_resolved": "https://registry.npmjs.org/@actions/core/-/core-1.6.0.tgz", + "_spec": "1.6.0", + "_where": "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom", + "bugs": { + "url": "https://github.com/actions/toolkit/issues" + }, + "dependencies": { + "@actions/http-client": "^1.0.11" + }, + "description": "Actions core lib", + "devDependencies": { + "@types/node": "^12.0.2" + }, "directories": { "lib": "lib", "test": "__tests__" @@ -19,6 +47,15 @@ "lib", "!.DS_Store" ], + "homepage": "https://github.com/actions/toolkit/tree/main/packages/core", + "keywords": [ + "github", + "actions", + "core" + ], + "license": "MIT", + "main": "lib/core.js", + "name": "@actions/core", "publishConfig": { "access": "public" }, @@ -32,10 +69,6 @@ "test": "echo \"Error: run tests from root\" && exit 1", "tsc": "tsc" }, - "bugs": { - "url": "https://github.com/actions/toolkit/issues" - }, - "devDependencies": { - "@types/node": "^12.0.2" - } + "types": "lib/core.d.ts", + "version": "1.6.0" } diff --git a/node_modules/@actions/exec/package.json b/node_modules/@actions/exec/package.json index ff0cebf..617d959 100644 --- a/node_modules/@actions/exec/package.json +++ b/node_modules/@actions/exec/package.json @@ -1,16 +1,41 @@ { - "name": "@actions/exec", - "version": "1.1.0", - "description": "Actions exec lib", - "keywords": [ - "github", - "actions", - "exec" + "_args": [ + [ + "@actions/exec@1.1.0", + "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom" + ] ], - "homepage": "https://github.com/actions/toolkit/tree/main/packages/exec", - "license": "MIT", - "main": "lib/exec.js", - "types": "lib/exec.d.ts", + "_from": "@actions/exec@1.1.0", + "_id": "@actions/exec@1.1.0", + "_inBundle": false, + "_integrity": "sha512-LImpN9AY0J1R1mEYJjVJfSZWU4zYOlEcwSTgPve1rFQqK5AwrEs6uWW5Rv70gbDIQIAUwI86z6B+9mPK4w9Sbg==", + "_location": "/@actions/exec", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@actions/exec@1.1.0", + "name": "@actions/exec", + "escapedName": "@actions%2fexec", + "scope": "@actions", + "rawSpec": "1.1.0", + "saveSpec": null, + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/", + "/@actions/tool-cache" + ], + "_resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.0.tgz", + "_spec": "1.1.0", + "_where": "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom", + "bugs": { + "url": "https://github.com/actions/toolkit/issues" + }, + "dependencies": { + "@actions/io": "^1.0.1" + }, + "description": "Actions exec lib", "directories": { "lib": "lib", "test": "__tests__" @@ -19,6 +44,15 @@ "lib", "!.DS_Store" ], + "homepage": "https://github.com/actions/toolkit/tree/main/packages/exec", + "keywords": [ + "github", + "actions", + "exec" + ], + "license": "MIT", + "main": "lib/exec.js", + "name": "@actions/exec", "publishConfig": { "access": "public" }, @@ -32,10 +66,6 @@ "test": "echo \"Error: run tests from root\" && exit 1", "tsc": "tsc" }, - "bugs": { - "url": "https://github.com/actions/toolkit/issues" - }, - "dependencies": { - "@actions/io": "^1.0.1" - } + "types": "lib/exec.d.ts", + "version": "1.1.0" } diff --git a/node_modules/@actions/io/package.json b/node_modules/@actions/io/package.json index 114e8e5..29607ca 100644 --- a/node_modules/@actions/io/package.json +++ b/node_modules/@actions/io/package.json @@ -1,16 +1,39 @@ { - "name": "@actions/io", - "version": "1.1.1", - "description": "Actions io lib", - "keywords": [ - "github", - "actions", - "io" + "_args": [ + [ + "@actions/io@1.1.1", + "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom" + ] ], - "homepage": "https://github.com/actions/toolkit/tree/main/packages/io", - "license": "MIT", - "main": "lib/io.js", - "types": "lib/io.d.ts", + "_from": "@actions/io@1.1.1", + "_id": "@actions/io@1.1.1", + "_inBundle": false, + "_integrity": "sha512-Qi4JoKXjmE0O67wAOH6y0n26QXhMKMFo7GD/4IXNVcrtLjUlGjGuVys6pQgwF3ArfGTQu0XpqaNr0YhED2RaRA==", + "_location": "/@actions/io", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@actions/io@1.1.1", + "name": "@actions/io", + "escapedName": "@actions%2fio", + "scope": "@actions", + "rawSpec": "1.1.1", + "saveSpec": null, + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/", + "/@actions/exec", + "/@actions/tool-cache" + ], + "_resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.1.tgz", + "_spec": "1.1.1", + "_where": "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom", + "bugs": { + "url": "https://github.com/actions/toolkit/issues" + }, + "description": "Actions io lib", "directories": { "lib": "lib", "test": "__tests__" @@ -18,6 +41,15 @@ "files": [ "lib" ], + "homepage": "https://github.com/actions/toolkit/tree/main/packages/io", + "keywords": [ + "github", + "actions", + "io" + ], + "license": "MIT", + "main": "lib/io.js", + "name": "@actions/io", "publishConfig": { "access": "public" }, @@ -31,7 +63,6 @@ "test": "echo \"Error: run tests from root\" && exit 1", "tsc": "tsc" }, - "bugs": { - "url": "https://github.com/actions/toolkit/issues" - } + "types": "lib/io.d.ts", + "version": "1.1.1" } diff --git a/node_modules/@actions/tool-cache/package.json b/node_modules/@actions/tool-cache/package.json index 2d15bd6..f0924bf 100644 --- a/node_modules/@actions/tool-cache/package.json +++ b/node_modules/@actions/tool-cache/package.json @@ -1,16 +1,51 @@ { - "name": "@actions/tool-cache", - "version": "1.7.1", - "description": "Actions tool-cache lib", - "keywords": [ - "github", - "actions", - "exec" + "_args": [ + [ + "@actions/tool-cache@1.7.1", + "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom" + ] ], - "homepage": "https://github.com/actions/toolkit/tree/main/packages/tool-cache", - "license": "MIT", - "main": "lib/tool-cache.js", - "types": "lib/tool-cache.d.ts", + "_from": "@actions/tool-cache@1.7.1", + "_id": "@actions/tool-cache@1.7.1", + "_inBundle": false, + "_integrity": "sha512-y1xxxOhXaBUIUit3lhepmu/0xdgiTMpnZRLmVdtF0hTm521doi+MdRRRP62czHvM7wxH6epj4JPNJQ3iJpOrkQ==", + "_location": "/@actions/tool-cache", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@actions/tool-cache@1.7.1", + "name": "@actions/tool-cache", + "escapedName": "@actions%2ftool-cache", + "scope": "@actions", + "rawSpec": "1.7.1", + "saveSpec": null, + "fetchSpec": "1.7.1" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-1.7.1.tgz", + "_spec": "1.7.1", + "_where": "/home/nscur0/development/projects/cyclonedx/gh-gomod-generate-sbom", + "bugs": { + "url": "https://github.com/actions/toolkit/issues" + }, + "dependencies": { + "@actions/core": "^1.2.6", + "@actions/exec": "^1.0.0", + "@actions/http-client": "^1.0.8", + "@actions/io": "^1.1.1", + "semver": "^6.1.0", + "uuid": "^3.3.2" + }, + "description": "Actions tool-cache lib", + "devDependencies": { + "@types/nock": "^10.0.3", + "@types/semver": "^6.0.0", + "@types/uuid": "^3.4.4", + "nock": "^10.0.6" + }, "directories": { "lib": "lib", "test": "__tests__" @@ -19,6 +54,15 @@ "lib", "scripts" ], + "homepage": "https://github.com/actions/toolkit/tree/main/packages/tool-cache", + "keywords": [ + "github", + "actions", + "exec" + ], + "license": "MIT", + "main": "lib/tool-cache.js", + "name": "@actions/tool-cache", "publishConfig": { "access": "public" }, @@ -32,21 +76,6 @@ "test": "echo \"Error: run tests from root\" && exit 1", "tsc": "tsc" }, - "bugs": { - "url": "https://github.com/actions/toolkit/issues" - }, - "dependencies": { - "@actions/core": "^1.2.6", - "@actions/exec": "^1.0.0", - "@actions/http-client": "^1.0.8", - "@actions/io": "^1.1.1", - "semver": "^6.1.0", - "uuid": "^3.3.2" - }, - "devDependencies": { - "@types/nock": "^10.0.3", - "@types/semver": "^6.0.0", - "@types/uuid": "^3.4.4", - "nock": "^10.0.6" - } + "types": "lib/tool-cache.d.ts", + "version": "1.7.1" } diff --git a/package-lock.json b/package-lock.json index 81f8c0b..b9c731a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,87 +1,8 @@ { "name": "gh-gomod-generate-sbom", - "version": "0.1.0", - "lockfileVersion": 2, + "version": "1.0.0", + "lockfileVersion": 1, "requires": true, - "packages": { - "": { - "version": "0.1.0", - "license": "Apache-2.0", - "dependencies": { - "@actions/core": "^1.6.0", - "@actions/exec": "^1.1.0", - "@actions/http-client": "^1.0.11", - "@actions/io": "^1.1.1", - "@actions/tool-cache": "^1.7.1" - } - }, - "node_modules/@actions/core": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.6.0.tgz", - "integrity": "sha512-NB1UAZomZlCV/LmJqkLhNTqtKfFXJZAUPcfl/zqG7EfsQdeUJtaWO98SGbuQ3pydJ3fHl2CvI/51OKYlCYYcaw==", - "dependencies": { - "@actions/http-client": "^1.0.11" - } - }, - "node_modules/@actions/exec": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.0.tgz", - "integrity": "sha512-LImpN9AY0J1R1mEYJjVJfSZWU4zYOlEcwSTgPve1rFQqK5AwrEs6uWW5Rv70gbDIQIAUwI86z6B+9mPK4w9Sbg==", - "dependencies": { - "@actions/io": "^1.0.1" - } - }, - "node_modules/@actions/http-client": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.11.tgz", - "integrity": "sha512-VRYHGQV1rqnROJqdMvGUbY/Kn8vriQe/F9HR2AlYHzmKuM/p3kjNuXhmdBfcVgsvRWTz5C5XW5xvndZrVBuAYg==", - "dependencies": { - "tunnel": "0.0.6" - } - }, - "node_modules/@actions/io": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.1.tgz", - "integrity": "sha512-Qi4JoKXjmE0O67wAOH6y0n26QXhMKMFo7GD/4IXNVcrtLjUlGjGuVys6pQgwF3ArfGTQu0XpqaNr0YhED2RaRA==" - }, - "node_modules/@actions/tool-cache": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-1.7.1.tgz", - "integrity": "sha512-y1xxxOhXaBUIUit3lhepmu/0xdgiTMpnZRLmVdtF0hTm521doi+MdRRRP62czHvM7wxH6epj4JPNJQ3iJpOrkQ==", - "dependencies": { - "@actions/core": "^1.2.6", - "@actions/exec": "^1.0.0", - "@actions/http-client": "^1.0.8", - "@actions/io": "^1.1.1", - "semver": "^6.1.0", - "uuid": "^3.3.2" - } - }, - "node_modules/semver": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", - "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/tunnel": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", - "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", - "engines": { - "node": ">=0.6.11 <=0.7.0 || >=0.7.3" - } - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "bin": { - "uuid": "bin/uuid" - } - } - }, "dependencies": { "@actions/core": { "version": "1.6.0",