Add example

Seth Vargo 2021-09-16 13:00:02 -04:00
parent 688a7bd017
commit 271e0346a0
No known key found for this signature in database
GPG Key ID: C921994F9C27E0FF

@ -196,6 +196,36 @@ the [gcloud][gcloud] command-line tool.
is correct). This all happens without exporting a Google Cloud service is correct). This all happens without exporting a Google Cloud service
account key JSON! account key JSON!
## GitHub Token Format
Here is a sample GitHub Token for reference for attribute mappings:
```json
{
"jti": "...",
"sub": "repo:username/reponame:ref:refs/heads/master",
"aud": "sigstore",
"ref": "refs/heads/master",
"sha": "d11880f4f451ee35192135525dc974c56a3c1b28",
"repository": "username/reponame",
"repository_owner": "reponame",
"run_id": "1238222155",
"run_number": "18",
"run_attempt": "1",
"actor": "username",
"workflow": "OIDC",
"head_ref": "",
"base_ref": "",
"event_name": "push",
"ref_type": "branch",
"job_workflow_ref": "username/reponame/.github/workflows/token.yml@refs/heads/master",
"iss": "https://vstoken.actions.githubusercontent.com",
"nbf": 1631718827,
"exp": 1631719727,
"iat": 1631719427
}
```
[wif]: https://cloud.google.com/iam/docs/workload-identity-federation [wif]: https://cloud.google.com/iam/docs/workload-identity-federation
[gcloud]: https://cloud.google.com/sdk [gcloud]: https://cloud.google.com/sdk
[map-external]: https://cloud.google.com/iam/docs/access-resources-oidc#impersonate [map-external]: https://cloud.google.com/iam/docs/access-resources-oidc#impersonate
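Review bot: The sample token's "repository_owner" value is "reponame", which contradicts the other claims in the same sample: "repository" is "username/reponame" and "actor" is "username", so the owner segment is "username". Since this section is offered as a reference for attribute mappings, a reader who builds a mapping or condition on the owner claim from this sample will get the wrong idea of what the claim contains. Suggest changing the line to "repository_owner": "username". It would also help to add a sentence under the heading saying that the values are placeholders and that "aud" depends on what the workflow requests, so "sigstore" is not read as a required value.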