Die REST-API verfügt jetzt über eine Versionskontrolle. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

Artifact metadata

Use these endpoints to retrieve and manage metadata for artifacts in your organization. Artifact metadata provides information about build artifacts, their provenance, and related details.

Create artifact metadata storage record

Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.

Differenzierte Zugriffstoken für "Create artifact metadata storage record"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Contents" repository permissions (write)

Parameter für „Create artifact metadata storage record“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

Textparameter
name string Erforderlich

The name of the artifact.

digest string Erforderlich

The digest of the artifact (algorithm:hex-encoded-digest).

artifact_url string

The URL where the artifact is stored.

path string

The path of the artifact.

registry_url string Erforderlich

The base URL of the artifact registry.

repository string

The repository name within the registry.

status string

The status of the artifact (e.g., active, inactive).

Standard: active

Kann eine der Folgenden sein: active, eol, deleted

HTTP-Antwortstatuscodes für „Create artifact metadata storage record“

StatuscodeBESCHREIBUNG
200

Artifact metadata storage record stored successfully.

Codebeispiele für „Create artifact metadata storage record“

Anforderungsbeispiel

post/orgs/{org}/artifacts/metadata/storage-record
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/artifacts/metadata/storage-record \ -d '{"name":"libfoo-1.2.3","digest":"sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72","artifact_url":"https://reg.example.com/artifactory/bar/libfoo-1.2.3","registry_url":"https://reg.example.com/artifactory/","repository":"bar","status":"active"}'

Artifact metadata storage record stored successfully.

Status: 200
{ "total_count": 1, "storage_records": [ { "name": "libfoo-1.2.3", "digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72", "artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3", "registry_url": "https://reg.example.com/artifactory/", "repository": "bar", "status": "active", "created_at": "2023-10-01T12:00:00Z", "updated_at": "2023-10-01T12:00:00Z" } ] }

List artifact storage records

List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization.

The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the content:read permission is required.

Differenzierte Zugriffstoken für "List artifact storage records"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Contents" repository permissions (read)

Parameter für „List artifact storage records“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

subject_digest string Erforderlich

The parameter should be set to the attestation's subject's SHA256 digest, in the form sha256:HEX_DIGEST.

HTTP-Antwortstatuscodes für „List artifact storage records“

StatuscodeBESCHREIBUNG
200

OK

Codebeispiele für „List artifact storage records“

Anforderungsbeispiel

get/orgs/{org}/artifacts/{subject_digest}/metadata/storage-records
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/artifacts/SUBJECT_DIGEST/metadata/storage-records

Response

Status: 200
{ "storage_records": [ { "name": "libfoo-1.2.3", "digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72", "artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3", "registry_url": "https://reg.example.com/artifactory/", "repository": "bar", "status": "active", "created_at": "2023-10-01T12:00:00Z", "updated_at": "2023-10-01T12:00:00Z" } ] }