1- name : Test Action Wrapper
1+ name : Test Witness Action Wrapper
22
33on :
44 push :
5- branches :
6- - main
5+ branches : [ main ]
76 pull_request :
8- branches :
9- - main
10- workflow_dispatch :
7+ branches : [ main ]
8+
9+ permissions :
10+ id-token : write # This is required for requesting the JWT
11+ contents : read # This is required for actions/checkout
1112
1213jobs :
1314 test-basic :
@@ -20,31 +21,33 @@ jobs:
2021 uses : actions/setup-node@v3
2122 with :
2223 node-version : ' 16'
23-
24+
2425 - name : Install dependencies
2526 run : npm ci
2627
27- - name : Run basic hello-world test
28+ - name : Test wrapper with basic attestation
29+ id : attestation
2830 uses : ./
29- id : hello-test
3031 with :
31- action-ref :
" actions/[email protected] " 32- who-to-greet : " Hello World"
32+ # Action to run
33+ action-ref : " actions/hello-world-javascript-action@main"
34+ input-who-to-greet : " World"
35+
36+ # Witness configuration
3337 step : " hello-world"
34- attestations : " command environment"
35- outfile : " ./hello-world.json"
38+ attestations : " command"
3639
37- - name : Verify hello-world action ran
40+ - name : Check attestation file
3841 run : |
39- if [[ -f "./ hello-world.json" ]]; then
40- echo "Hello world attestation created successfully"
41- jq . "./ hello-world.json" | head -n 20
42+ if [[ -f "/tmp/ hello-world-attestation .json" ]]; then
43+ echo "Attestation created successfully"
44+ jq . "/tmp/ hello-world-attestation .json" | head -n 20
4245 else
43- echo "Hello world attestation file not found!"
46+ echo "Attestation file not found!"
4447 exit 1
4548 fi
4649
47- test-input-forwarding :
50+ test-multi-attestors :
4851 runs-on : ubuntu-latest
4952 steps :
5053 - name : Checkout repository
@@ -54,26 +57,137 @@ jobs:
5457 uses : actions/setup-node@v3
5558 with :
5659 node-version : ' 16'
60+
61+ - name : Install dependencies
62+ run : npm ci
63+
64+ - name : Test wrapper with multiple attestors
65+ id : multi-attestation
66+ uses : ./
67+ with :
68+ # Action to run
69+ action-ref : " actions/hello-world-javascript-action@main"
70+ input-who-to-greet : " Witness"
5771
72+ # Witness configuration
73+ step : " hello-world-multi"
74+ attestations : " command attestor.git attestor.sbom"
75+ attestor-sbom-export : " true"
76+ outfile : " ./multi-attestation.json"
77+
78+ - name : Check attestation file
79+ run : |
80+ if [[ -f "./multi-attestation.json" ]]; then
81+ echo "Multi-attestation created successfully"
82+ jq . "./multi-attestation.json" | head -n 20
83+ else
84+ echo "Multi-attestation file not found!"
85+ exit 1
86+ fi
87+
88+ - name : Upload attestation as artifact
89+ uses : actions/upload-artifact@v4
90+ with :
91+ name : attestation-files
92+ path : ./multi-attestation.json
93+
94+ test-sigstore-archivista :
95+ runs-on : ubuntu-latest
96+ steps :
97+ - name : Checkout repository
98+ uses : actions/checkout@v3
99+
100+ - name : Setup Node.js
101+ uses : actions/setup-node@v3
102+ with :
103+ node-version : ' 16'
104+
58105 - name : Install dependencies
59106 run : npm ci
107+
108+ - name : Test with Sigstore and Archivista
109+ id : sigstore-attestation
110+ uses : ./
111+ with :
112+ # Action to run
113+ action-ref : " actions/hello-world-javascript-action@main"
114+ input-who-to-greet : " Sigstore"
115+
116+ # Witness configuration
117+ step : test-sigstore
118+ attestations : " environment git github slsa"
119+ attestor-slsa-export : " true"
120+ enable-sigstore : " true"
121+ enable-archivista : " true"
122+ outfile : " ./sigstore-attestation.json"
123+
124+ - name : Check GitOID output
125+ run : |
126+ if [[ -n "${{ steps.sigstore-attestation.outputs.git_oid }}" ]]; then
127+ echo "GitOID: ${{ steps.sigstore-attestation.outputs.git_oid }}"
128+ echo "Attestation succeeded with Sigstore and Archivista"
129+ else
130+ echo "No GitOID returned - this might be expected in PR builds without proper credentials"
131+ fi
132+
133+ name : Check attestation file
134+ run : |
135+ if [[ -f "./sigstore-attestation.json" ]]; then
136+ echo "Sigstore attestation created successfully"
137+ jq . "./sigstore-attestation.json" | head -n 20
138+ else
139+ echo "Sigstore attestation file not found!"
140+ exit 1
141+ fi
142+
143+ - name : Upload sigstore attestation as artifact
144+ uses : actions/upload-artifact@v4
145+ with :
146+ name : sigstore-attestation
147+ path : ./sigstore-attestation.json
148+
149+ test-direct-command :
150+ runs-on : ubuntu-latest
151+ steps :
152+ - name : Checkout repository
153+ uses : actions/checkout@v3
60154
61- - name : Run input forwarding test
155+ - name : Setup Node.js
156+ uses : actions/setup-node@v3
157+ with :
158+ node-version : ' 16'
159+
160+ - name : Install dependencies
161+ run : npm ci
162+
163+ - name : Test direct command
164+ id : direct-command
62165 uses : ./
63- id : input-test
64166 with :
65- action-ref :
" actions/[email protected] " 66- who-to-greet : " Input Forwarding"
67- step : " input-forwarding"
167+ # Direct command to run
168+ command : " echo hello > hello.txt"
169+
170+ # Witness configuration
171+ step : " direct-command"
68172 attestations : " command environment"
69- outfile : " ./input-forward.json"
173+ outfile : " ./direct-command.json"
174+
175+ - name : Check command output
176+ run : |
177+ if [ -f "hello.txt" ]; then
178+ echo "Command output:"
179+ cat hello.txt
180+ else
181+ echo "Command output file not found!"
182+ exit 1
183+ fi
70184
71- - name : Verify input forwarding
185+ name : Check attestation file
72186 run : |
73- if [[ -f "./input-forward .json" ]]; then
74- echo "Input forwarding attestation created successfully"
75- jq . "./input-forward .json" | head -n 20
187+ if [[ -f "./direct-command .json" ]]; then
188+ echo "Direct command attestation created successfully"
189+ jq . "./direct-command .json" | head -n 20
76190 else
77- echo "Input forwarding attestation file not found!"
191+ echo "Direct command attestation file not found!"
78192 exit 1
79193 fi
0 commit comments