Метаданные артефактов

Используйте эти конечные точки для получения метаданных и управления ими для артефактов в организации. Метаданные артефактов содержат сведения о артефактах сборки, их происхождении и связанных сведений.

Create artifact metadata storage record

Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.

Подробные маркеры доступа для "Create artifact metadata storage record

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

"Contents" repository permissions (write)

Параметры для "Create artifact metadata storage record"

Заголовки
Имя., Тип, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Параметры пути
Имя., Тип, Description
`org` string Обязательное поле The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
`name` string Обязательное поле The name of the artifact.
`digest` string Обязательное поле The digest of the artifact (algorithm:hex-encoded-digest).
`artifact_url` string The URL where the artifact is stored.
`path` string The path of the artifact.
`registry_url` string Обязательное поле The base URL of the artifact registry.
`repository` string The repository name within the registry.
`status` string The status of the artifact (e.g., active, inactive). По умолчанию.: `active` Возможные значения: `active`, `eol`, `deleted`
`github_repository` string The name of the GitHub repository associated with the artifact. This should be used when there are no provenance attestations available for the artifact. The repository must belong to the organization specified in the path parameter. If a provenance attestation is available for the artifact, the API will use the repository information from the attestation instead of this parameter.

Коды состояния http-ответа для "Create artifact metadata storage record"

Код состояния	Описание
`200`	Artifact metadata storage record stored successfully.

Примеры кода для "Create artifact metadata storage record"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

post/orgs/{org}/artifacts/metadata/storage-record

curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/artifacts/metadata/storage-record \
  -d '{"name":"libfoo-1.2.3","digest":"sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72","artifact_url":"https://reg.example.com/artifactory/bar/libfoo-1.2.3","registry_url":"https://reg.example.com/artifactory/","repository":"bar","status":"active"}'

Artifact metadata storage record stored successfully.

Status: 200

{
  "total_count": 1,
  "storage_records": [
    {
      "name": "libfoo-1.2.3",
      "digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
      "artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
      "registry_url": "https://reg.example.com/artifactory/",
      "repository": "bar",
      "status": "active",
      "created_at": "2023-10-01T12:00:00Z",
      "updated_at": "2023-10-01T12:00:00Z"
    }
  ]
}

List artifact storage records

List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization.

The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the content:read permission is required.

Подробные маркеры доступа для "List artifact storage records

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

"Contents" repository permissions (read)

Параметры для "List artifact storage records"

Заголовки
Имя., Тип, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Параметры пути
Имя., Тип, Description
`org` string Обязательное поле The organization name. The name is not case sensitive.
`subject_digest` string Обязательное поле The parameter should be set to the attestation's subject's SHA256 digest, in the form `sha256:HEX_DIGEST`.

Коды состояния http-ответа для "List artifact storage records"

Код состояния	Описание
`200`	OK

Примеры кода для "List artifact storage records"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

get/orgs/{org}/artifacts/{subject_digest}/metadata/storage-records

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/artifacts/SUBJECT_DIGEST/metadata/storage-records

Response

Status: 200

{
  "storage_records": [
    {
      "name": "libfoo-1.2.3",
      "digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
      "artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
      "registry_url": "https://reg.example.com/artifactory/",
      "repository": "bar",
      "status": "active",
      "created_at": "2023-10-01T12:00:00Z",
      "updated_at": "2023-10-01T12:00:00Z"
    }
  ]
}