Artifact metadata
Use these endpoints to retrieve and manage metadata for artifacts in your organization. Artifact metadata provides information about build artifacts, their provenance, and related details.
Create artifact metadata storage record
Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.
Tokens de acceso específicos para "Create artifact metadata storage record"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- Tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Contents" repository permissions (write)
Parámetros para "Create artifact metadata storage record"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string RequeridoThe organization name. The name is not case sensitive. |
| Nombre, Tipo, Descripción |
|---|
name string RequeridoThe name of the artifact. |
digest string RequeridoThe digest of the artifact (algorithm:hex-encoded-digest). |
artifact_url string The URL where the artifact is stored. |
path string The path of the artifact. |
registry_url string RequeridoThe base URL of the artifact registry. |
repository string The repository name within the registry. |
status string The status of the artifact (e.g., active, inactive). Valor predeterminado: Puede ser uno de los siguientes: |
Códigos de estado de respuesta HTTP para "Create artifact metadata storage record"
| status code | Descripción |
|---|---|
200 | Artifact metadata storage record stored successfully. |
Ejemplos de código para "Create artifact metadata storage record"
Si accedes a GitHub en GHE.com, reemplaza api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/metadata/storage-record \
-d '{"name":"libfoo-1.2.3","digest":"sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72","artifact_url":"https://reg.example.com/artifactory/bar/libfoo-1.2.3","registry_url":"https://reg.example.com/artifactory/","repository":"bar","status":"active"}'Artifact metadata storage record stored successfully.
Status: 200{
"total_count": 1,
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}List artifact storage records
List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization.
The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the content:read permission is required.
Tokens de acceso específicos para "List artifact storage records"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- Tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Contents" repository permissions (read)
Parámetros para "List artifact storage records"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string RequeridoThe organization name. The name is not case sensitive. |
subject_digest string RequeridoThe parameter should be set to the attestation's subject's SHA256 digest, in the form |
Códigos de estado de respuesta HTTP para "List artifact storage records"
| status code | Descripción |
|---|---|
200 | OK |
Ejemplos de código para "List artifact storage records"
Si accedes a GitHub en GHE.com, reemplaza api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/SUBJECT_DIGEST/metadata/storage-recordsResponse
Status: 200{
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}