Artifact metadata
Use these endpoints to retrieve and manage metadata for artifacts in your organization. Artifact metadata provides information about build artifacts, their provenance, and related details.
Create artifact metadata storage record
Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.
Tokens de acesso refinados para "Create artifact metadata storage record"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Contents" repository permissions (write)
Parâmetros para "Create artifact metadata storage record"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
| Nome, Tipo, Descrição |
|---|
name string ObrigatórioThe name of the artifact. |
digest string ObrigatórioThe digest of the artifact (algorithm:hex-encoded-digest). |
artifact_url string The URL where the artifact is stored. |
path string The path of the artifact. |
registry_url string ObrigatórioThe base URL of the artifact registry. |
repository string The repository name within the registry. |
status string The status of the artifact (e.g., active, inactive). Padrão: Pode ser um dos: |
Códigos de status de resposta HTTP para "Create artifact metadata storage record"
| Código de status | Descrição |
|---|---|
200 | Artifact metadata storage record stored successfully. |
Exemplos de código para "Create artifact metadata storage record"
Exemplo de solicitação
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/metadata/storage-record \
-d '{"name":"libfoo-1.2.3","digest":"sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72","artifact_url":"https://reg.example.com/artifactory/bar/libfoo-1.2.3","registry_url":"https://reg.example.com/artifactory/","repository":"bar","status":"active"}'Artifact metadata storage record stored successfully.
Status: 200{
"total_count": 1,
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}List artifact storage records
List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization.
The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the content:read permission is required.
Tokens de acesso refinados para "List artifact storage records"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Contents" repository permissions (read)
Parâmetros para "List artifact storage records"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
subject_digest string ObrigatórioThe parameter should be set to the attestation's subject's SHA256 digest, in the form |
Códigos de status de resposta HTTP para "List artifact storage records"
| Código de status | Descrição |
|---|---|
200 | OK |
Exemplos de código para "List artifact storage records"
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/artifacts/SUBJECT_DIGEST/metadata/storage-recordsResponse
Status: 200{
"storage_records": [
{
"name": "libfoo-1.2.3",
"digest": "sha256:1bb1e949e55dcefc6353e7b36c8897d2a107d8e8dca49d4e3c0ea8493fc0bc72",
"artifact_url": "https://reg.example.com/artifactory/bar/libfoo-1.2.3",
"registry_url": "https://reg.example.com/artifactory/",
"repository": "bar",
"status": "active",
"created_at": "2023-10-01T12:00:00Z",
"updated_at": "2023-10-01T12:00:00Z"
}
]
}