Artifact metadata
Use these endpoints to retrieve and manage metadata for artifacts in your organization. Artifact metadata provides information about build artifacts, their provenance, and related details.
Create artifact metadata storage record
Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.
Подробные маркеры доступа для "Create artifact metadata storage record
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Contents" repository permissions (write)
Параметры для "Create artifact metadata storage record"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
| Имя., Тип, Description |
|---|
name string Обязательное полеThe name of the artifact. |
digest string Обязательное полеThe digest of the artifact (algorithm:hex-encoded-digest). |
artifact_url string The URL where the artifact is stored. |
path string The path of the artifact. |
registry_url string Обязательное полеThe base URL of the artifact registry. |
repository string The repository name within the registry. |
status string The status of the artifact (e.g., active, inactive). По умолчанию.: Возможные значения: |
Коды состояния http-ответа для "Create artifact metadata storage record"
| Код состояния | Описание |
|---|---|
200 | Artifact metadata storage record stored successfully. |
Примеры кода для "Create artifact metadata storage record"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/metadata/storage-record \
-d '{"name":"libfoo-1.2.3","digest":"sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72","artifact_url":"https://reg.example.com/artifactory/bar/libfoo-1.2.3","registry_url":"https://reg.example.com/artifactory/","repository":"bar","status":"active"}'Artifact metadata storage record stored successfully.
Status: 200{
"total_count": 1,
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}List artifact storage records
List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization.
The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the content:read permission is required.
Подробные маркеры доступа для "List artifact storage records
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Contents" repository permissions (read)
Параметры для "List artifact storage records"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
subject_digest string Обязательное полеThe parameter should be set to the attestation's subject's SHA256 digest, in the form |
Коды состояния http-ответа для "List artifact storage records"
| Код состояния | Описание |
|---|---|
200 | OK |
Примеры кода для "List artifact storage records"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/SUBJECT_DIGEST/metadata/storage-recordsResponse
Status: 200{
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}