Artifact metadata
Use these endpoints to retrieve and manage metadata for artifacts in your organization. Artifact metadata provides information about build artifacts, their provenance, and related details.
Create artifact metadata storage record
Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.
Jetons d’accès affinés pour « Create artifact metadata storage record »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Contents" repository permissions (write)
Paramètres pour « Create artifact metadata storage record »
| Nom, Type, Description |
|---|
accept string Setting to |
| Nom, Type, Description |
|---|
org string ObligatoireThe organization name. The name is not case sensitive. |
| Nom, Type, Description |
|---|
name string ObligatoireThe name of the artifact. |
digest string ObligatoireThe digest of the artifact (algorithm:hex-encoded-digest). |
artifact_url string The URL where the artifact is stored. |
path string The path of the artifact. |
registry_url string ObligatoireThe base URL of the artifact registry. |
repository string The repository name within the registry. |
status string The status of the artifact (e.g., active, inactive). Default: Peut être: |
Codes d’état de la réponse HTTP pour « Create artifact metadata storage record »
| Code d’état | Description |
|---|---|
200 | Artifact metadata storage record stored successfully. |
Exemples de code pour « Create artifact metadata storage record »
Exemple de requête
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/metadata/storage-record \
-d '{"name":"libfoo-1.2.3","digest":"sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72","artifact_url":"https://reg.example.com/artifactory/bar/libfoo-1.2.3","registry_url":"https://reg.example.com/artifactory/","repository":"bar","status":"active"}'Artifact metadata storage record stored successfully.
Status: 200{
"total_count": 1,
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}List artifact storage records
List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization.
The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the content:read permission is required.
Jetons d’accès affinés pour « List artifact storage records »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Contents" repository permissions (read)
Paramètres pour « List artifact storage records »
| Nom, Type, Description |
|---|
accept string Setting to |
| Nom, Type, Description |
|---|
org string ObligatoireThe organization name. The name is not case sensitive. |
subject_digest string ObligatoireThe parameter should be set to the attestation's subject's SHA256 digest, in the form |
Codes d’état de la réponse HTTP pour « List artifact storage records »
| Code d’état | Description |
|---|---|
200 | OK |
Exemples de code pour « List artifact storage records »
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/SUBJECT_DIGEST/metadata/storage-recordsResponse
Status: 200{
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}