From b4f681197b5c43a660963017a1fd1d29c5082797 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Mon, 10 Jun 2024 23:23:27 +0800 Subject: [PATCH 1/7] Update action.yml to verify artifact attestations --- action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/action.yml b/action.yml index 7a1823d..b47f5f7 100644 --- a/action.yml +++ b/action.yml @@ -44,6 +44,9 @@ runs: export DEB_PYTHON_INSTALL_LAYOUT=deb fi python3 -m pip install -r "$GITHUB_ACTION_PATH/requirements.txt" + + # Verifying artifact attestations + gh attestation verify commit_check-*.whl -R commit-check/commit-check - name: Run commit-check shell: bash run: python3 ${{ github.action_path }}/main.py From 939166d1ca2dbaf421a59f858a312c35ef7e20cc Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Mon, 10 Jun 2024 23:26:45 +0800 Subject: [PATCH 2/7] Update action.yml to add GH_TOKEN --- action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/action.yml b/action.yml index b47f5f7..a9c3c23 100644 --- a/action.yml +++ b/action.yml @@ -47,6 +47,8 @@ runs: # Verifying artifact attestations gh attestation verify commit_check-*.whl -R commit-check/commit-check + env: + GH_TOKEN: ${{ github.token }} - name: Run commit-check shell: bash run: python3 ${{ github.action_path }}/main.py From 40a7a044910060890835a11d739a3f1097222c67 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Mon, 10 Jun 2024 23:28:04 +0800 Subject: [PATCH 3/7] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index a9c3c23..727733d 100644 --- a/action.yml +++ b/action.yml @@ -46,7 +46,7 @@ runs: python3 -m pip install -r "$GITHUB_ACTION_PATH/requirements.txt" # Verifying artifact attestations - gh attestation verify commit_check-*.whl -R commit-check/commit-check + gh attestation verify "$GITHUB_ACTION_PATH/commit_check-*.whl" -R commit-check/commit-check env: GH_TOKEN: ${{ github.token }} - name: Run commit-check From a6c849b14c8d43c15b4c8e05006ce3da4ea14660 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Mon, 10 Jun 2024 23:33:17 +0800 Subject: [PATCH 4/7] Update action.yml --- action.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 727733d..4e9cf8a 100644 --- a/action.yml +++ b/action.yml @@ -43,10 +43,14 @@ runs: # https://github.com/pypa/setuptools/issues/3269 export DEB_PYTHON_INSTALL_LAYOUT=deb fi - python3 -m pip install -r "$GITHUB_ACTION_PATH/requirements.txt" + # Download artifact + python3 -m pip download -r "$GITHUB_ACTION_PATH/requirements.txt" # Verifying artifact attestations gh attestation verify "$GITHUB_ACTION_PATH/commit_check-*.whl" -R commit-check/commit-check + + # Install artifact + python3 -m pip install -r "$GITHUB_ACTION_PATH/commit_check-*.whl" env: GH_TOKEN: ${{ github.token }} - name: Run commit-check From 2a64446ed2ec930449aa31491d3a5cd8ada401b3 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Mon, 10 Jun 2024 23:34:19 +0800 Subject: [PATCH 5/7] Update action.yml --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 4e9cf8a..4d74efd 100644 --- a/action.yml +++ b/action.yml @@ -47,10 +47,10 @@ runs: python3 -m pip download -r "$GITHUB_ACTION_PATH/requirements.txt" # Verifying artifact attestations - gh attestation verify "$GITHUB_ACTION_PATH/commit_check-*.whl" -R commit-check/commit-check + gh attestation verify commit_check-*.whl -R commit-check/commit-check # Install artifact - python3 -m pip install -r "$GITHUB_ACTION_PATH/commit_check-*.whl" + python3 -m pip install commit_check-*.whl env: GH_TOKEN: ${{ github.token }} - name: Run commit-check From 4c9e6687b222c64dace6c2118ced830ec9d06038 Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Thu, 31 Oct 2024 11:37:49 +0200 Subject: [PATCH 6/7] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index ecd886d..3d04e66 100644 --- a/action.yml +++ b/action.yml @@ -54,7 +54,7 @@ runs: gh attestation verify commit_check-*.whl -R commit-check/commit-check # Install artifact - python3 -m pip install commit_check-*.whl + python3 -m pip install commit_check-*.whl PyGithub-*.whl python3 -m venv venv source venv/bin/activate python3 "$GITHUB_ACTION_PATH/main.py" From 83911311e1b63fc2e26ed1925b3a835933590914 Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Thu, 3 Apr 2025 15:42:26 +0000 Subject: [PATCH 7/7] fix: create virtual env then verify attestations --- action.yml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/action.yml b/action.yml index 35d7380..cdd75ea 100644 --- a/action.yml +++ b/action.yml @@ -51,16 +51,23 @@ runs: # https://github.com/pypa/setuptools/issues/3269 export DEB_PYTHON_INSTALL_LAYOUT=deb fi + + # Set up virtual environment + python3 -m venv venv + source venv/bin/activate + # Download artifact python3 -m pip download -r "$GITHUB_ACTION_PATH/requirements.txt" - # Verifying artifact attestations - gh attestation verify commit_check-*.whl -R commit-check/commit-check + # Verify artifact attestations + if ! gh attestation verify commit_check-*.whl -R commit-check/commit-check; then + echo "Artifact verification failed. Aborting installation." + exit 1 + fi # Install artifact python3 -m pip install commit_check-*.whl PyGithub-*.whl - python3 -m venv venv - source venv/bin/activate + python3 "$GITHUB_ACTION_PATH/main.py" env: MESSAGE: ${{ inputs.message }} pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy