diff --git a/dist/main/index.js b/dist/main/index.js
index 1724bcb..d5bb806 100644
--- a/dist/main/index.js
+++ b/dist/main/index.js
@@ -1 +1 @@
-(()=>{var e={351:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){if(r===undefined)r=n;Object.defineProperty(e,r,{enumerable:true,get:function(){return t[n]}})}:function(e,t,n,r){if(r===undefined)r=n;e[r]=t[n]});var o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:true,value:t})}:function(e,t){e["default"]=t});var s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(e!=null)for(var n in e)if(n!=="default"&&Object.hasOwnProperty.call(e,n))r(t,e,n);o(t,e);return t};Object.defineProperty(t,"__esModule",{value:true});t.issue=t.issueCommand=void 0;const i=s(n(37));const a=n(278);function issueCommand(e,t,n){const r=new Command(e,t,n);process.stdout.write(r.toString()+i.EOL)}t.issueCommand=issueCommand;function issue(e,t=""){issueCommand(e,{},t)}t.issue=issue;const c="::";class Command{constructor(e,t,n){if(!e){e="missing.command"}this.command=e;this.properties=t;this.message=n}toString(){let e=c+this.command;if(this.properties&&Object.keys(this.properties).length>0){e+=" ";let t=true;for(const n in this.properties){if(this.properties.hasOwnProperty(n)){const r=this.properties[n];if(r){if(t){t=false}else{e+=","}e+=`${n}=${escapeProperty(r)}`}}}}e+=`${c}${escapeData(this.message)}`;return e}}function escapeData(e){return a.toCommandValue(e).replace(/%/g,"%25").replace(/\r/g,"%0D").replace(/\n/g,"%0A")}function escapeProperty(e){return a.toCommandValue(e).replace(/%/g,"%25").replace(/\r/g,"%0D").replace(/\n/g,"%0A").replace(/:/g,"%3A").replace(/,/g,"%2C")}},186:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){if(r===undefined)r=n;Object.defineProperty(e,r,{enumerable:true,get:function(){return t[n]}})}:function(e,t,n,r){if(r===undefined)r=n;e[r]=t[n]});var o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:true,value:t})}:function(e,t){e["default"]=t});var s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(e!=null)for(var n in e)if(n!=="default"&&Object.hasOwnProperty.call(e,n))r(t,e,n);o(t,e);return t};var i=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:true});t.getIDToken=t.getState=t.saveState=t.group=t.endGroup=t.startGroup=t.info=t.notice=t.warning=t.error=t.debug=t.isDebug=t.setFailed=t.setCommandEcho=t.setOutput=t.getBooleanInput=t.getMultilineInput=t.getInput=t.addPath=t.setSecret=t.exportVariable=t.ExitCode=void 0;const a=n(351);const c=n(717);const u=n(278);const l=s(n(37));const p=s(n(17));const d=n(41);var f;(function(e){e[e["Success"]=0]="Success";e[e["Failure"]=1]="Failure"})(f=t.ExitCode||(t.ExitCode={}));function exportVariable(e,t){const n=u.toCommandValue(t);process.env[e]=n;const r=process.env["GITHUB_ENV"]||"";if(r){const t="_GitHubActionsFileCommandDelimeter_";const r=`${e}<<${t}${l.EOL}${n}${l.EOL}${t}`;c.issueCommand("ENV",r)}else{a.issueCommand("set-env",{name:e},n)}}t.exportVariable=exportVariable;function setSecret(e){a.issueCommand("add-mask",{},e)}t.setSecret=setSecret;function addPath(e){const t=process.env["GITHUB_PATH"]||"";if(t){c.issueCommand("PATH",e)}else{a.issueCommand("add-path",{},e)}process.env["PATH"]=`${e}${p.delimiter}${process.env["PATH"]}`}t.addPath=addPath;function getInput(e,t){const n=process.env[`INPUT_${e.replace(/ /g,"_").toUpperCase()}`]||"";if(t&&t.required&&!n){throw new Error(`Input required and not supplied: ${e}`)}if(t&&t.trimWhitespace===false){return n}return n.trim()}t.getInput=getInput;function getMultilineInput(e,t){const n=getInput(e,t).split("\n").filter((e=>e!==""));return n}t.getMultilineInput=getMultilineInput;function getBooleanInput(e,t){const n=["true","True","TRUE"];const r=["false","False","FALSE"];const o=getInput(e,t);if(n.includes(o))return true;if(r.includes(o))return false;throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${e}\n`+`Support boolean input list: \`true | True | TRUE | false | False | FALSE\``)}t.getBooleanInput=getBooleanInput;function setOutput(e,t){process.stdout.write(l.EOL);a.issueCommand("set-output",{name:e},t)}t.setOutput=setOutput;function setCommandEcho(e){a.issue("echo",e?"on":"off")}t.setCommandEcho=setCommandEcho;function setFailed(e){process.exitCode=f.Failure;error(e)}t.setFailed=setFailed;function isDebug(){return process.env["RUNNER_DEBUG"]==="1"}t.isDebug=isDebug;function debug(e){a.issueCommand("debug",{},e)}t.debug=debug;function error(e,t={}){a.issueCommand("error",u.toCommandProperties(t),e instanceof Error?e.toString():e)}t.error=error;function warning(e,t={}){a.issueCommand("warning",u.toCommandProperties(t),e instanceof Error?e.toString():e)}t.warning=warning;function notice(e,t={}){a.issueCommand("notice",u.toCommandProperties(t),e instanceof Error?e.toString():e)}t.notice=notice;function info(e){process.stdout.write(e+l.EOL)}t.info=info;function startGroup(e){a.issue("group",e)}t.startGroup=startGroup;function endGroup(){a.issue("endgroup")}t.endGroup=endGroup;function group(e,t){return i(this,void 0,void 0,(function*(){startGroup(e);let n;try{n=yield t()}finally{endGroup()}return n}))}t.group=group;function saveState(e,t){a.issueCommand("save-state",{name:e},t)}t.saveState=saveState;function getState(e){return process.env[`STATE_${e}`]||""}t.getState=getState;function getIDToken(e){return i(this,void 0,void 0,(function*(){return yield d.OidcClient.getIDToken(e)}))}t.getIDToken=getIDToken},717:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){if(r===undefined)r=n;Object.defineProperty(e,r,{enumerable:true,get:function(){return t[n]}})}:function(e,t,n,r){if(r===undefined)r=n;e[r]=t[n]});var o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:true,value:t})}:function(e,t){e["default"]=t});var s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(e!=null)for(var n in e)if(n!=="default"&&Object.hasOwnProperty.call(e,n))r(t,e,n);o(t,e);return t};Object.defineProperty(t,"__esModule",{value:true});t.issueCommand=void 0;const i=s(n(147));const a=s(n(37));const c=n(278);function issueCommand(e,t){const n=process.env[`GITHUB_${e}`];if(!n){throw new Error(`Unable to find environment variable for file command ${e}`)}if(!i.existsSync(n)){throw new Error(`Missing file at path: ${n}`)}i.appendFileSync(n,`${c.toCommandValue(t)}${a.EOL}`,{encoding:"utf8"})}t.issueCommand=issueCommand},41:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:true});t.OidcClient=void 0;const o=n(925);const s=n(702);const i=n(186);class OidcClient{static createHttpClient(e=true,t=10){const n={allowRetries:e,maxRetries:t};return new o.HttpClient("actions/oidc-client",[new s.BearerCredentialHandler(OidcClient.getRequestToken())],n)}static getRequestToken(){const e=process.env["ACTIONS_ID_TOKEN_REQUEST_TOKEN"];if(!e){throw new Error("Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable")}return e}static getIDTokenUrl(){const e=process.env["ACTIONS_ID_TOKEN_REQUEST_URL"];if(!e){throw new Error("Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable")}return e}static getCall(e){var t;return r(this,void 0,void 0,(function*(){const n=OidcClient.createHttpClient();const r=yield n.getJson(e).catch((e=>{throw new Error(`Failed to get ID Token. \n \n        Error Code : ${e.statusCode}\n \n        Error Message: ${e.result.message}`)}));const o=(t=r.result)===null||t===void 0?void 0:t.value;if(!o){throw new Error("Response json body do not have ID Token field")}return o}))}static getIDToken(e){return r(this,void 0,void 0,(function*(){try{let t=OidcClient.getIDTokenUrl();if(e){const n=encodeURIComponent(e);t=`${t}&audience=${n}`}i.debug(`ID token url is ${t}`);const n=yield OidcClient.getCall(t);i.setSecret(n);return n}catch(e){throw new Error(`Error message: ${e.message}`)}}))}}t.OidcClient=OidcClient},278:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});t.toCommandProperties=t.toCommandValue=void 0;function toCommandValue(e){if(e===null||e===undefined){return""}else if(typeof e==="string"||e instanceof String){return e}return JSON.stringify(e)}t.toCommandValue=toCommandValue;function toCommandProperties(e){if(!Object.keys(e).length){return{}}return{title:e.title,file:e.file,line:e.startLine,endLine:e.endLine,col:e.startColumn,endColumn:e.endColumn}}t.toCommandProperties=toCommandProperties},702:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});class BasicCredentialHandler{constructor(e,t){this.username=e;this.password=t}prepareRequest(e){e.headers["Authorization"]="Basic "+Buffer.from(this.username+":"+this.password).toString("base64")}canHandleAuthentication(e){return false}handleAuthentication(e,t,n){return null}}t.BasicCredentialHandler=BasicCredentialHandler;class BearerCredentialHandler{constructor(e){this.token=e}prepareRequest(e){e.headers["Authorization"]="Bearer "+this.token}canHandleAuthentication(e){return false}handleAuthentication(e,t,n){return null}}t.BearerCredentialHandler=BearerCredentialHandler;class PersonalAccessTokenCredentialHandler{constructor(e){this.token=e}prepareRequest(e){e.headers["Authorization"]="Basic "+Buffer.from("PAT:"+this.token).toString("base64")}canHandleAuthentication(e){return false}handleAuthentication(e,t,n){return null}}t.PersonalAccessTokenCredentialHandler=PersonalAccessTokenCredentialHandler},925:(e,t,n)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});const r=n(685);const o=n(687);const s=n(443);let i;var a;(function(e){e[e["OK"]=200]="OK";e[e["MultipleChoices"]=300]="MultipleChoices";e[e["MovedPermanently"]=301]="MovedPermanently";e[e["ResourceMoved"]=302]="ResourceMoved";e[e["SeeOther"]=303]="SeeOther";e[e["NotModified"]=304]="NotModified";e[e["UseProxy"]=305]="UseProxy";e[e["SwitchProxy"]=306]="SwitchProxy";e[e["TemporaryRedirect"]=307]="TemporaryRedirect";e[e["PermanentRedirect"]=308]="PermanentRedirect";e[e["BadRequest"]=400]="BadRequest";e[e["Unauthorized"]=401]="Unauthorized";e[e["PaymentRequired"]=402]="PaymentRequired";e[e["Forbidden"]=403]="Forbidden";e[e["NotFound"]=404]="NotFound";e[e["MethodNotAllowed"]=405]="MethodNotAllowed";e[e["NotAcceptable"]=406]="NotAcceptable";e[e["ProxyAuthenticationRequired"]=407]="ProxyAuthenticationRequired";e[e["RequestTimeout"]=408]="RequestTimeout";e[e["Conflict"]=409]="Conflict";e[e["Gone"]=410]="Gone";e[e["TooManyRequests"]=429]="TooManyRequests";e[e["InternalServerError"]=500]="InternalServerError";e[e["NotImplemented"]=501]="NotImplemented";e[e["BadGateway"]=502]="BadGateway";e[e["ServiceUnavailable"]=503]="ServiceUnavailable";e[e["GatewayTimeout"]=504]="GatewayTimeout"})(a=t.HttpCodes||(t.HttpCodes={}));var c;(function(e){e["Accept"]="accept";e["ContentType"]="content-type"})(c=t.Headers||(t.Headers={}));var u;(function(e){e["ApplicationJson"]="application/json"})(u=t.MediaTypes||(t.MediaTypes={}));function getProxyUrl(e){let t=s.getProxyUrl(new URL(e));return t?t.href:""}t.getProxyUrl=getProxyUrl;const l=[a.MovedPermanently,a.ResourceMoved,a.SeeOther,a.TemporaryRedirect,a.PermanentRedirect];const p=[a.BadGateway,a.ServiceUnavailable,a.GatewayTimeout];const d=["OPTIONS","GET","DELETE","HEAD"];const f=10;const h=5;class HttpClientError extends Error{constructor(e,t){super(e);this.name="HttpClientError";this.statusCode=t;Object.setPrototypeOf(this,HttpClientError.prototype)}}t.HttpClientError=HttpClientError;class HttpClientResponse{constructor(e){this.message=e}readBody(){return new Promise((async(e,t)=>{let n=Buffer.alloc(0);this.message.on("data",(e=>{n=Buffer.concat([n,e])}));this.message.on("end",(()=>{e(n.toString())}))}))}}t.HttpClientResponse=HttpClientResponse;function isHttps(e){let t=new URL(e);return t.protocol==="https:"}t.isHttps=isHttps;class HttpClient{constructor(e,t,n){this._ignoreSslError=false;this._allowRedirects=true;this._allowRedirectDowngrade=false;this._maxRedirects=50;this._allowRetries=false;this._maxRetries=1;this._keepAlive=false;this._disposed=false;this.userAgent=e;this.handlers=t||[];this.requestOptions=n;if(n){if(n.ignoreSslError!=null){this._ignoreSslError=n.ignoreSslError}this._socketTimeout=n.socketTimeout;if(n.allowRedirects!=null){this._allowRedirects=n.allowRedirects}if(n.allowRedirectDowngrade!=null){this._allowRedirectDowngrade=n.allowRedirectDowngrade}if(n.maxRedirects!=null){this._maxRedirects=Math.max(n.maxRedirects,0)}if(n.keepAlive!=null){this._keepAlive=n.keepAlive}if(n.allowRetries!=null){this._allowRetries=n.allowRetries}if(n.maxRetries!=null){this._maxRetries=n.maxRetries}}}options(e,t){return this.request("OPTIONS",e,null,t||{})}get(e,t){return this.request("GET",e,null,t||{})}del(e,t){return this.request("DELETE",e,null,t||{})}post(e,t,n){return this.request("POST",e,t,n||{})}patch(e,t,n){return this.request("PATCH",e,t,n||{})}put(e,t,n){return this.request("PUT",e,t,n||{})}head(e,t){return this.request("HEAD",e,null,t||{})}sendStream(e,t,n,r){return this.request(e,t,n,r)}async getJson(e,t={}){t[c.Accept]=this._getExistingOrDefaultHeader(t,c.Accept,u.ApplicationJson);let n=await this.get(e,t);return this._processResponse(n,this.requestOptions)}async postJson(e,t,n={}){let r=JSON.stringify(t,null,2);n[c.Accept]=this._getExistingOrDefaultHeader(n,c.Accept,u.ApplicationJson);n[c.ContentType]=this._getExistingOrDefaultHeader(n,c.ContentType,u.ApplicationJson);let o=await this.post(e,r,n);return this._processResponse(o,this.requestOptions)}async putJson(e,t,n={}){let r=JSON.stringify(t,null,2);n[c.Accept]=this._getExistingOrDefaultHeader(n,c.Accept,u.ApplicationJson);n[c.ContentType]=this._getExistingOrDefaultHeader(n,c.ContentType,u.ApplicationJson);let o=await this.put(e,r,n);return this._processResponse(o,this.requestOptions)}async patchJson(e,t,n={}){let r=JSON.stringify(t,null,2);n[c.Accept]=this._getExistingOrDefaultHeader(n,c.Accept,u.ApplicationJson);n[c.ContentType]=this._getExistingOrDefaultHeader(n,c.ContentType,u.ApplicationJson);let o=await this.patch(e,r,n);return this._processResponse(o,this.requestOptions)}async request(e,t,n,r){if(this._disposed){throw new Error("Client has already been disposed.")}let o=new URL(t);let s=this._prepareRequest(e,o,r);let i=this._allowRetries&&d.indexOf(e)!=-1?this._maxRetries+1:1;let c=0;let u;while(c<i){u=await this.requestRaw(s,n);if(u&&u.message&&u.message.statusCode===a.Unauthorized){let e;for(let t=0;t<this.handlers.length;t++){if(this.handlers[t].canHandleAuthentication(u)){e=this.handlers[t];break}}if(e){return e.handleAuthentication(this,s,n)}else{return u}}let t=this._maxRedirects;while(l.indexOf(u.message.statusCode)!=-1&&this._allowRedirects&&t>0){const i=u.message.headers["location"];if(!i){break}let a=new URL(i);if(o.protocol=="https:"&&o.protocol!=a.protocol&&!this._allowRedirectDowngrade){throw new Error("Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.")}await u.readBody();if(a.hostname!==o.hostname){for(let e in r){if(e.toLowerCase()==="authorization"){delete r[e]}}}s=this._prepareRequest(e,a,r);u=await this.requestRaw(s,n);t--}if(p.indexOf(u.message.statusCode)==-1){return u}c+=1;if(c<i){await u.readBody();await this._performExponentialBackoff(c)}}return u}dispose(){if(this._agent){this._agent.destroy()}this._disposed=true}requestRaw(e,t){return new Promise(((n,r)=>{let callbackForResult=function(e,t){if(e){r(e)}n(t)};this.requestRawWithCallback(e,t,callbackForResult)}))}requestRawWithCallback(e,t,n){let r;if(typeof t==="string"){e.options.headers["Content-Length"]=Buffer.byteLength(t,"utf8")}let o=false;let handleResult=(e,t)=>{if(!o){o=true;n(e,t)}};let s=e.httpModule.request(e.options,(e=>{let t=new HttpClientResponse(e);handleResult(null,t)}));s.on("socket",(e=>{r=e}));s.setTimeout(this._socketTimeout||3*6e4,(()=>{if(r){r.end()}handleResult(new Error("Request timeout: "+e.options.path),null)}));s.on("error",(function(e){handleResult(e,null)}));if(t&&typeof t==="string"){s.write(t,"utf8")}if(t&&typeof t!=="string"){t.on("close",(function(){s.end()}));t.pipe(s)}else{s.end()}}getAgent(e){let t=new URL(e);return this._getAgent(t)}_prepareRequest(e,t,n){const s={};s.parsedUrl=t;const i=s.parsedUrl.protocol==="https:";s.httpModule=i?o:r;const a=i?443:80;s.options={};s.options.host=s.parsedUrl.hostname;s.options.port=s.parsedUrl.port?parseInt(s.parsedUrl.port):a;s.options.path=(s.parsedUrl.pathname||"")+(s.parsedUrl.search||"");s.options.method=e;s.options.headers=this._mergeHeaders(n);if(this.userAgent!=null){s.options.headers["user-agent"]=this.userAgent}s.options.agent=this._getAgent(s.parsedUrl);if(this.handlers){this.handlers.forEach((e=>{e.prepareRequest(s.options)}))}return s}_mergeHeaders(e){const lowercaseKeys=e=>Object.keys(e).reduce(((t,n)=>(t[n.toLowerCase()]=e[n],t)),{});if(this.requestOptions&&this.requestOptions.headers){return Object.assign({},lowercaseKeys(this.requestOptions.headers),lowercaseKeys(e))}return lowercaseKeys(e||{})}_getExistingOrDefaultHeader(e,t,n){const lowercaseKeys=e=>Object.keys(e).reduce(((t,n)=>(t[n.toLowerCase()]=e[n],t)),{});let r;if(this.requestOptions&&this.requestOptions.headers){r=lowercaseKeys(this.requestOptions.headers)[t]}return e[t]||r||n}_getAgent(e){let t;let a=s.getProxyUrl(e);let c=a&&a.hostname;if(this._keepAlive&&c){t=this._proxyAgent}if(this._keepAlive&&!c){t=this._agent}if(!!t){return t}const u=e.protocol==="https:";let l=100;if(!!this.requestOptions){l=this.requestOptions.maxSockets||r.globalAgent.maxSockets}if(c){if(!i){i=n(294)}const e={maxSockets:l,keepAlive:this._keepAlive,proxy:{...(a.username||a.password)&&{proxyAuth:`${a.username}:${a.password}`},host:a.hostname,port:a.port}};let r;const o=a.protocol==="https:";if(u){r=o?i.httpsOverHttps:i.httpsOverHttp}else{r=o?i.httpOverHttps:i.httpOverHttp}t=r(e);this._proxyAgent=t}if(this._keepAlive&&!t){const e={keepAlive:this._keepAlive,maxSockets:l};t=u?new o.Agent(e):new r.Agent(e);this._agent=t}if(!t){t=u?o.globalAgent:r.globalAgent}if(u&&this._ignoreSslError){t.options=Object.assign(t.options||{},{rejectUnauthorized:false})}return t}_performExponentialBackoff(e){e=Math.min(f,e);const t=h*Math.pow(2,e);return new Promise((e=>setTimeout((()=>e()),t)))}static dateTimeDeserializer(e,t){if(typeof t==="string"){let e=new Date(t);if(!isNaN(e.valueOf())){return e}}return t}async _processResponse(e,t){return new Promise((async(n,r)=>{const o=e.message.statusCode;const s={statusCode:o,result:null,headers:{}};if(o==a.NotFound){n(s)}let i;let c;try{c=await e.readBody();if(c&&c.length>0){if(t&&t.deserializeDates){i=JSON.parse(c,HttpClient.dateTimeDeserializer)}else{i=JSON.parse(c)}s.result=i}s.headers=e.message.headers}catch(e){}if(o>299){let e;if(i&&i.message){e=i.message}else if(c&&c.length>0){e=c}else{e="Failed request: ("+o+")"}let t=new HttpClientError(e,o);t.result=s.result;r(t)}else{n(s)}}))}}t.HttpClient=HttpClient},443:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});function getProxyUrl(e){let t=e.protocol==="https:";let n;if(checkBypass(e)){return n}let r;if(t){r=process.env["https_proxy"]||process.env["HTTPS_PROXY"]}else{r=process.env["http_proxy"]||process.env["HTTP_PROXY"]}if(r){n=new URL(r)}return n}t.getProxyUrl=getProxyUrl;function checkBypass(e){if(!e.hostname){return false}let t=process.env["no_proxy"]||process.env["NO_PROXY"]||"";if(!t){return false}let n;if(e.port){n=Number(e.port)}else if(e.protocol==="http:"){n=80}else if(e.protocol==="https:"){n=443}let r=[e.hostname.toUpperCase()];if(typeof n==="number"){r.push(`${r[0]}:${n}`)}for(let e of t.split(",").map((e=>e.trim().toUpperCase())).filter((e=>e))){if(r.some((t=>t===e))){return true}}return false}t.checkBypass=checkBypass},294:(e,t,n)=>{e.exports=n(219)},219:(e,t,n)=>{"use strict";var r=n(808);var o=n(404);var s=n(685);var i=n(687);var a=n(361);var c=n(491);var u=n(837);t.httpOverHttp=httpOverHttp;t.httpsOverHttp=httpsOverHttp;t.httpOverHttps=httpOverHttps;t.httpsOverHttps=httpsOverHttps;function httpOverHttp(e){var t=new TunnelingAgent(e);t.request=s.request;return t}function httpsOverHttp(e){var t=new TunnelingAgent(e);t.request=s.request;t.createSocket=createSecureSocket;t.defaultPort=443;return t}function httpOverHttps(e){var t=new TunnelingAgent(e);t.request=i.request;return t}function httpsOverHttps(e){var t=new TunnelingAgent(e);t.request=i.request;t.createSocket=createSecureSocket;t.defaultPort=443;return t}function TunnelingAgent(e){var t=this;t.options=e||{};t.proxyOptions=t.options.proxy||{};t.maxSockets=t.options.maxSockets||s.Agent.defaultMaxSockets;t.requests=[];t.sockets=[];t.on("free",(function onFree(e,n,r,o){var s=toOptions(n,r,o);for(var i=0,a=t.requests.length;i<a;++i){var c=t.requests[i];if(c.host===s.host&&c.port===s.port){t.requests.splice(i,1);c.request.onSocket(e);return}}e.destroy();t.removeSocket(e)}))}u.inherits(TunnelingAgent,a.EventEmitter);TunnelingAgent.prototype.addRequest=function addRequest(e,t,n,r){var o=this;var s=mergeOptions({request:e},o.options,toOptions(t,n,r));if(o.sockets.length>=this.maxSockets){o.requests.push(s);return}o.createSocket(s,(function(t){t.on("free",onFree);t.on("close",onCloseOrRemove);t.on("agentRemove",onCloseOrRemove);e.onSocket(t);function onFree(){o.emit("free",t,s)}function onCloseOrRemove(e){o.removeSocket(t);t.removeListener("free",onFree);t.removeListener("close",onCloseOrRemove);t.removeListener("agentRemove",onCloseOrRemove)}}))};TunnelingAgent.prototype.createSocket=function createSocket(e,t){var n=this;var r={};n.sockets.push(r);var o=mergeOptions({},n.proxyOptions,{method:"CONNECT",path:e.host+":"+e.port,agent:false,headers:{host:e.host+":"+e.port}});if(e.localAddress){o.localAddress=e.localAddress}if(o.proxyAuth){o.headers=o.headers||{};o.headers["Proxy-Authorization"]="Basic "+new Buffer(o.proxyAuth).toString("base64")}l("making CONNECT request");var s=n.request(o);s.useChunkedEncodingByDefault=false;s.once("response",onResponse);s.once("upgrade",onUpgrade);s.once("connect",onConnect);s.once("error",onError);s.end();function onResponse(e){e.upgrade=true}function onUpgrade(e,t,n){process.nextTick((function(){onConnect(e,t,n)}))}function onConnect(o,i,a){s.removeAllListeners();i.removeAllListeners();if(o.statusCode!==200){l("tunneling socket could not be established, statusCode=%d",o.statusCode);i.destroy();var c=new Error("tunneling socket could not be established, "+"statusCode="+o.statusCode);c.code="ECONNRESET";e.request.emit("error",c);n.removeSocket(r);return}if(a.length>0){l("got illegal response body from proxy");i.destroy();var c=new Error("got illegal response body from proxy");c.code="ECONNRESET";e.request.emit("error",c);n.removeSocket(r);return}l("tunneling connection has established");n.sockets[n.sockets.indexOf(r)]=i;return t(i)}function onError(t){s.removeAllListeners();l("tunneling socket could not be established, cause=%s\n",t.message,t.stack);var o=new Error("tunneling socket could not be established, "+"cause="+t.message);o.code="ECONNRESET";e.request.emit("error",o);n.removeSocket(r)}};TunnelingAgent.prototype.removeSocket=function removeSocket(e){var t=this.sockets.indexOf(e);if(t===-1){return}this.sockets.splice(t,1);var n=this.requests.shift();if(n){this.createSocket(n,(function(e){n.request.onSocket(e)}))}};function createSecureSocket(e,t){var n=this;TunnelingAgent.prototype.createSocket.call(n,e,(function(r){var s=e.request.getHeader("host");var i=mergeOptions({},n.options,{socket:r,servername:s?s.replace(/:.*$/,""):e.host});var a=o.connect(0,i);n.sockets[n.sockets.indexOf(r)]=a;t(a)}))}function toOptions(e,t,n){if(typeof e==="string"){return{host:e,port:t,localAddress:n}}return e}function mergeOptions(e){for(var t=1,n=arguments.length;t<n;++t){var r=arguments[t];if(typeof r==="object"){var o=Object.keys(r);for(var s=0,i=o.length;s<i;++s){var a=o[s];if(r[a]!==undefined){e[a]=r[a]}}}}return e}var l;if(process.env.NODE_DEBUG&&/\btunnel\b/.test(process.env.NODE_DEBUG)){l=function(){var e=Array.prototype.slice.call(arguments);if(typeof e[0]==="string"){e[0]="TUNNEL: "+e[0]}else{e.unshift("TUNNEL:")}console.error.apply(console,e)}}else{l=function(){}}t.debug=l},48:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:true});t.BaseClient=void 0;const s=o(n(687));const i=n(310);const{version:a}=n(598);class BaseClient{static request(e,t){if(!e.headers){e.headers={}}if(!e.headers["User-Agent"]){e.headers["User-Agent"]=`google-github-actions:auth/${a}`}return new Promise(((n,r)=>{const o=s.default.request(e,(e=>{e.setEncoding("utf8");let t="";e.on("data",(e=>{t+=e}));e.on("end",(()=>{if(e.statusCode&&e.statusCode>=400){r(t)}else{n(t)}}))}));o.on("error",(e=>{r(e)}));if(t!=null){o.write(t)}o.end()}))}static googleIDToken(e,{serviceAccount:t,audience:n,delegates:o,includeEmail:s}){return r(this,void 0,void 0,(function*(){const r=`projects/-/serviceAccounts/${t}`;const a=new i.URL(`https://iamcredentials.googleapis.com/v1/${r}:generateIdToken`);const c={delegates:o,audience:n,includeEmail:s};const u={hostname:a.hostname,port:a.port,path:a.pathname+a.search,method:"POST",headers:{Authorization:`Bearer ${e}`,Accept:"application/json","Content-Type":"application/json"}};try{const e=yield BaseClient.request(u,JSON.stringify(c));const t=JSON.parse(e);return{token:t["token"]}}catch(e){throw new Error(`failed to generate Google Cloud ID token for ${t}: ${e}`)}}))}static googleAccessToken(e,{serviceAccount:t,delegates:n,scopes:o,lifetime:s}){return r(this,void 0,void 0,(function*(){const r=`projects/-/serviceAccounts/${t}`;const a=new i.URL(`https://iamcredentials.googleapis.com/v1/${r}:generateAccessToken`);const c={};if(n&&n.length>0){c.delegates=n}if(o&&o.length>0){c.scope=o}if(s&&s>0){c.lifetime=`${s}s`}const u={hostname:a.hostname,port:a.port,path:a.pathname+a.search,method:"POST",headers:{Authorization:`Bearer ${e}`,Accept:"application/json","Content-Type":"application/json"}};try{const e=yield BaseClient.request(u,JSON.stringify(c));const t=JSON.parse(e);return{accessToken:t["accessToken"],expiration:t["expireTime"]}}catch(e){throw new Error(`Failed to generate Google Cloud access token for ${t}: ${e}`)}}))}static googleOAuthToken(e){return r(this,void 0,void 0,(function*(){const t=new i.URL("https://oauth2.googleapis.com/token");const n={hostname:t.hostname,port:t.port,path:t.pathname+t.search,method:"POST",headers:{Accept:"application/json","Content-Type":"application/x-www-form-urlencoded"}};const r=new i.URLSearchParams;r.append("grant_type","urn:ietf:params:oauth:grant-type:jwt-bearer");r.append("assertion",e);try{const e=yield BaseClient.request(n,r.toString());const t=JSON.parse(e);const o=new Date((new Date).getTime()+t["expires_in"]*1e4);return{accessToken:t["access_token"],expiration:o.toISOString()}}catch(e){throw new Error(`Failed to generate Google Cloud OAuth token: ${e}`)}}))}}t.BaseClient=BaseClient},326:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__classPrivateFieldSet||function(e,t,n,r,o){if(r==="m")throw new TypeError("Private method is not writable");if(r==="a"&&!o)throw new TypeError("Private accessor was defined without a setter");if(typeof t==="function"?e!==t||!o:!t.has(e))throw new TypeError("Cannot write private member to an object whose class did not declare it");return r==="a"?o.call(e,n):o?o.value=n:t.set(e,n),n};var s=this&&this.__classPrivateFieldGet||function(e,t,n,r){if(n==="a"&&!r)throw new TypeError("Private accessor was defined without a getter");if(typeof t==="function"?e!==t||!r:!t.has(e))throw new TypeError("Cannot read private member from an object whose class did not declare it");return n==="m"?r:n==="a"?r.call(e):r?r.value:t.get(e)};var i,a;Object.defineProperty(t,"__esModule",{value:true});t.CredentialsJSONClient=void 0;const c=n(113);const u=n(314);class CredentialsJSONClient{constructor(e){i.set(this,void 0);a.set(this,void 0);o(this,a,this.parseServiceAccountKeyJSON(e.credentialsJSON),"f");o(this,i,e.projectID||s(this,a,"f")["project_id"],"f")}parseServiceAccountKeyJSON(e){e=(0,u.trimmedString)(e);if(!e){throw new Error(`Missing service account key JSON (got empty value)`)}if(!e.startsWith("{")){e=(0,u.fromBase64)(e)}let t;try{t=JSON.parse(e)}catch(e){throw new SyntaxError(`Failed to parse credentials as JSON: ${e}`)}const requireValue=e=>{const n=(0,u.trimmedString)(t[e]);if(!n){throw new Error(`Service account key JSON is missing required field "${e}"`)}};requireValue("project_id");requireValue("private_key_id");requireValue("private_key");requireValue("client_email");return t}getAuthToken(){return r(this,void 0,void 0,(function*(){const e={alg:"RS256",typ:"JWT",kid:s(this,a,"f")["private_key_id"]};const t=Math.floor((new Date).getTime()/1e3);const n={iss:s(this,a,"f")["client_email"],sub:s(this,a,"f")["client_email"],aud:"https://iamcredentials.googleapis.com/",iat:t,exp:t+3599};const r=(0,u.toBase64)(JSON.stringify(e))+"."+(0,u.toBase64)(JSON.stringify(n));try{const e=(0,c.createSign)("RSA-SHA256");e.write(r);e.end();const t=e.sign(s(this,a,"f")["private_key"]);return r+"."+(0,u.toBase64)(t)}catch(e){throw new Error(`Failed to sign auth token using ${yield this.getServiceAccount()}: ${e}`)}}))}signJWT(e){return r(this,void 0,void 0,(function*(){const t={alg:"RS256",typ:"JWT",kid:s(this,a,"f")["private_key_id"]};const n=(0,u.toBase64)(JSON.stringify(t))+"."+(0,u.toBase64)(e);try{const e=(0,c.createSign)("RSA-SHA256");e.write(n);e.end();const t=e.sign(s(this,a,"f")["private_key"]);const r=n+"."+(0,u.toBase64)(t);return r}catch(e){throw new Error(`Failed to sign JWT using ${yield this.getServiceAccount()}: ${e}`)}}))}getProjectID(){return r(this,void 0,void 0,(function*(){return s(this,i,"f")}))}getServiceAccount(){return r(this,void 0,void 0,(function*(){return s(this,a,"f")["client_email"]}))}createCredentialsFile(e){return r(this,void 0,void 0,(function*(){return yield(0,u.writeSecureFile)(e,JSON.stringify(s(this,a,"f")))}))}}t.CredentialsJSONClient=CredentialsJSONClient;i=new WeakMap,a=new WeakMap},790:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__classPrivateFieldSet||function(e,t,n,r,o){if(r==="m")throw new TypeError("Private method is not writable");if(r==="a"&&!o)throw new TypeError("Private accessor was defined without a setter");if(typeof t==="function"?e!==t||!o:!t.has(e))throw new TypeError("Cannot write private member to an object whose class did not declare it");return r==="a"?o.call(e,n):o?o.value=n:t.set(e,n),n};var s=this&&this.__classPrivateFieldGet||function(e,t,n,r){if(n==="a"&&!r)throw new TypeError("Private accessor was defined without a getter");if(typeof t==="function"?e!==t||!r:!t.has(e))throw new TypeError("Cannot read private member from an object whose class did not declare it");return n==="m"?r:n==="a"?r.call(e):r?r.value:t.get(e)};var i,a,c,u,l;Object.defineProperty(t,"__esModule",{value:true});t.WorkloadIdentityClient=void 0;const p=n(310);const d=n(314);const f=n(48);class WorkloadIdentityClient{constructor(e){i.set(this,void 0);a.set(this,void 0);c.set(this,void 0);u.set(this,void 0);l.set(this,void 0);o(this,a,e.providerID,"f");o(this,c,e.serviceAccount,"f");o(this,u,e.token,"f");o(this,l,e.audience,"f");o(this,i,e.projectID||this.extractProjectIDFromServiceAccountEmail(s(this,c,"f")),"f")}extractProjectIDFromServiceAccountEmail(e){if(!e){return""}const[,t]=e.split("@",2);if(!e.endsWith(".iam.gserviceaccount.com")){throw new Error(`Service account email ${e} is not of the form `+`"[name]@[project].iam.gserviceaccount.com. You must manually `+`specify the "project_id" parameter in your GitHub Actions workflow.`)}const[n]=t.split(".",2);return n}getAuthToken(){return r(this,void 0,void 0,(function*(){const e=new p.URL("https://sts.googleapis.com/v1/token");const t={audience:"//iam.googleapis.com/"+s(this,a,"f"),grantType:"urn:ietf:params:oauth:grant-type:token-exchange",requestedTokenType:"urn:ietf:params:oauth:token-type:access_token",scope:"https://www.googleapis.com/auth/cloud-platform",subjectTokenType:"urn:ietf:params:oauth:token-type:jwt",subjectToken:s(this,u,"f")};const n={hostname:e.hostname,port:e.port,path:e.pathname+e.search,method:"POST",headers:{Accept:"application/json","Content-Type":"application/json"}};try{const e=yield f.BaseClient.request(n,JSON.stringify(t));const r=JSON.parse(e);return r["access_token"]}catch(e){throw new Error(`Failed to generate Google Cloud federated token for ${s(this,a,"f")}: ${e}`)}}))}signJWT(e,t){return r(this,void 0,void 0,(function*(){const n=yield this.getServiceAccount();const r=yield this.getAuthToken();const o=new p.URL(`https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${n}:signJwt`);const s={payload:e};if(t&&t.length>0){s.delegates=t}const i={hostname:o.hostname,port:o.port,path:o.pathname+o.search,method:"POST",headers:{Accept:"application/json",Authorization:`Bearer ${r}`,"Content-Type":"application/json"}};try{const e=yield f.BaseClient.request(i,JSON.stringify(s));const t=JSON.parse(e);return t["signedJwt"]}catch(e){throw new Error(`Failed to sign JWT using ${n}: ${e}`)}}))}getProjectID(){return r(this,void 0,void 0,(function*(){return s(this,i,"f")}))}getServiceAccount(){return r(this,void 0,void 0,(function*(){return s(this,c,"f")}))}createCredentialsFile(e){return r(this,void 0,void 0,(function*(){const t=process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN;const n=process.env.ACTIONS_ID_TOKEN_REQUEST_URL;if(!t||!n){throw new Error("GitHub Actions did not inject $ACTIONS_ID_TOKEN_REQUEST_TOKEN or "+"$ACTIONS_ID_TOKEN_REQUEST_URL into this job. This most likely "+"means the GitHub Actions workflow permissions are incorrect, or "+"this job is being run from a fork. For more information, please "+"see the GitHub documentation at https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token")}const r=new p.URL(n);const o=r.searchParams;o.set("audience",s(this,l,"f"));r.search=o.toString();const i={type:"external_account",audience:`//iam.googleapis.com/${s(this,a,"f")}`,subject_token_type:"urn:ietf:params:oauth:token-type:jwt",token_url:"https://sts.googleapis.com/v1/token",service_account_impersonation_url:`https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${s(this,c,"f")}:generateAccessToken`,credential_source:{url:r,headers:{Authorization:`Bearer ${t}`},format:{type:"json",subject_token_field_name:"value"}}};return yield(0,d.writeSecureFile)(e,JSON.stringify(i))}))}}t.WorkloadIdentityClient=WorkloadIdentityClient;i=new WeakMap,a=new WeakMap,c=new WeakMap,u=new WeakMap,l=new WeakMap},399:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:true});const o=n(186);const s=n(790);const i=n(326);const a=n(48);const c=n(314);const u="If you are specifying input values via GitHub secrets, ensure the secret "+"is being injected into the environment. By default, secrets are not passed "+"to workflows triggered from forks, including Dependabot.";function run(){return r(this,void 0,void 0,(function*(){try{const e=(0,o.getInput)("project_id");const t=(0,o.getInput)("workload_identity_provider");const n=(0,o.getInput)("service_account");const r=(0,o.getInput)("audience")||`https://iam.googleapis.com/${t}`;const l=(0,o.getInput)("credentials_json");const p=(0,o.getBooleanInput)("create_credentials_file");const d=(0,o.getInput)("token_format");const f=(0,c.explodeStrings)((0,o.getInput)("delegates"));if(!t&&!l||t&&l){throw new Error("The GitHub Action workflow must specify exactly one of "+'"workload_identity_provider" or "credentials_json"! '+u)}if(t&&!n){throw new Error('The GitHub Action workflow must specify a "service_account" to '+'impersonate when using "workload_identity_provider"! '+u)}let h;if(t){const i=yield(0,o.getIDToken)(r);h=new s.WorkloadIdentityClient({projectID:e,providerID:t,serviceAccount:n,token:i,audience:r})}else{h=new i.CredentialsJSONClient({projectID:e,credentialsJSON:l})}if(p){const e=process.env.GITHUB_WORKSPACE;if(!e){throw new Error("$GITHUB_WORKSPACE is not set")}const t=yield h.createCredentialsFile(e);(0,o.setOutput)("credentials_file_path",t);(0,o.exportVariable)("CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE",t);(0,o.exportVariable)("GOOGLE_APPLICATION_CREDENTIALS",t);(0,o.exportVariable)("GOOGLE_GHA_CREDS_PATH",t)}const g=yield h.getProjectID();(0,o.setOutput)("project_id",g);(0,o.exportVariable)("CLOUDSDK_PROJECT",g);(0,o.exportVariable)("CLOUDSDK_CORE_PROJECT",g);(0,o.exportVariable)("GCP_PROJECT",g);(0,o.exportVariable)("GCLOUD_PROJECT",g);(0,o.exportVariable)("GOOGLE_CLOUD_PROJECT",g);switch(d){case"":{break}case null:{break}case"access_token":{const e=(0,c.parseDuration)((0,o.getInput)("access_token_lifetime"));const t=(0,c.explodeStrings)((0,o.getInput)("access_token_scopes"));const n=(0,o.getInput)("access_token_subject");const r=yield h.getServiceAccount();let s,i;if(n){const o=(0,c.buildDomainWideDelegationJWT)(r,n,t,e);const u=yield h.signJWT(o,f);({accessToken:s,expiration:i}=yield a.BaseClient.googleOAuthToken(u))}else{const n=yield h.getAuthToken();({accessToken:s,expiration:i}=yield a.BaseClient.googleAccessToken(n,{serviceAccount:r,delegates:f,scopes:t,lifetime:e}))}(0,o.setSecret)(s);(0,o.setOutput)("access_token",s);(0,o.setOutput)("access_token_expiration",i);break}case"id_token":{const e=(0,o.getInput)("id_token_audience",{required:true});const t=(0,o.getBooleanInput)("id_token_include_email");const n=yield h.getServiceAccount();const r=yield h.getAuthToken();const{token:s}=yield a.BaseClient.googleIDToken(r,{serviceAccount:n,audience:e,delegates:f,includeEmail:t});(0,o.setSecret)(s);(0,o.setOutput)("id_token",s);break}default:{throw new Error(`Unknown token format "${d}"`)}}}catch(e){(0,o.setFailed)(`google-github-actions/auth failed with: ${e}`)}}))}run()},314:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:true});t.buildDomainWideDelegationJWT=t.parseDuration=t.trimmedString=t.fromBase64=t.toBase64=t.explodeStrings=t.removeExportedCredentials=t.writeSecureFile=void 0;const s=n(147);const i=o(n(113));const a=o(n(17));function writeSecureFile(e,t){return r(this,void 0,void 0,(function*(){const n=i.default.randomBytes(12).toString("hex");const r=a.default.join(e,n);yield s.promises.writeFile(r,t,{mode:416,flag:"wx"});return r}))}t.writeSecureFile=writeSecureFile;function removeExportedCredentials(){return r(this,void 0,void 0,(function*(){const e=process.env["GOOGLE_GHA_CREDS_PATH"];if(!e){return""}try{yield s.promises.unlink(e);return e}catch(e){if(e instanceof Error)if(e&&e.message&&e.message.includes("ENOENT")){return""}throw new Error(`failed to remove exported credentials: ${e}`)}}))}t.removeExportedCredentials=removeExportedCredentials;function explodeStrings(e){if(!e||e.trim().length===0){return[]}const t=new Array;let n="";let r=false;for(const o of e){if(r){n+=o;r=false;continue}switch(o){case"\\":r=true;continue;case",":case"\n":{const e=n.trim();if(e){t.push(e)}n="";break}default:n+=o}}const o=n.trim();if(o){t.push(o)}return t}t.explodeStrings=explodeStrings;function toBase64(e){return Buffer.from(e).toString("base64").replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}t.toBase64=toBase64;function fromBase64(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");while(t.length%4)t+="=";return Buffer.from(t,"base64").toString("utf8")}t.fromBase64=fromBase64;function trimmedString(e){return e?e.trim():""}t.trimmedString=trimmedString;function parseDuration(e){const t=(e||"").trim();if(!t){return 0}let n=0;let r="";for(let t=0;t<e.length;t++){const o=e[t];switch(o){case" ":continue;case",":continue;case"s":{n+=+r;r="";break}case"m":{n+=+r*60;r="";break}case"h":{n+=+r*60*60;r="";break}case"0":case"1":case"2":case"3":case"4":case"5":case"6":case"7":case"8":case"9":r+=o;break;default:throw new SyntaxError(`Unsupported character "${o}" at position ${t}`)}}if(r){n+=+r}return n}t.parseDuration=parseDuration;function buildDomainWideDelegationJWT(e,t,n,r){const o=Math.floor((new Date).getTime()/1e3);const s={iss:e,aud:"https://oauth2.googleapis.com/token",iat:o,exp:o+r};if(t&&t.trim().length>0){s.sub=t}if(n&&n.length>0){s.scope=n.join(" ")}return JSON.stringify(s)}t.buildDomainWideDelegationJWT=buildDomainWideDelegationJWT},491:e=>{"use strict";e.exports=require("assert")},113:e=>{"use strict";e.exports=require("crypto")},361:e=>{"use strict";e.exports=require("events")},147:e=>{"use strict";e.exports=require("fs")},685:e=>{"use strict";e.exports=require("http")},687:e=>{"use strict";e.exports=require("https")},808:e=>{"use strict";e.exports=require("net")},37:e=>{"use strict";e.exports=require("os")},17:e=>{"use strict";e.exports=require("path")},404:e=>{"use strict";e.exports=require("tls")},310:e=>{"use strict";e.exports=require("url")},837:e=>{"use strict";e.exports=require("util")},598:e=>{"use strict";e.exports=JSON.parse('{"name":"@google-github-actions/auth","version":"0.4.0","description":"Authenticate to Google Cloud using OIDC tokens or JSON service account keys.","main":"dist/main/index.js","scripts":{"build":"ncc build -m src/main.ts -o dist/main && ncc -m build src/post.ts -o dist/post","lint":"eslint . --ext .ts,.tsx","format":"prettier --write **/*.ts","test":"mocha -r ts-node/register -t 120s \'tests/**/*.test.ts\'"},"repository":{"type":"git","url":"https://github.com/google-github-actions/auth"},"keywords":["actions","google cloud","identity","auth","oidc"],"author":"GoogleCloudPlatform","license":"Apache-2.0","dependencies":{"@actions/core":"^1.6.0"},"devDependencies":{"@types/chai":"^4.2.22","@types/mocha":"^9.0.0","@types/node":"^16.11.11","@typescript-eslint/eslint-plugin":"^5.5.0","@typescript-eslint/parser":"^5.5.0","@vercel/ncc":"^0.33.0","chai":"^4.3.4","eslint":"^8.3.0","eslint-config-prettier":"^8.3.0","eslint-plugin-prettier":"^4.0.0","mocha":"^9.1.3","prettier":"^2.5.0","ts-node":"^10.4.0","typescript":"^4.5.2"}}')}};var t={};function __nccwpck_require__(n){var r=t[n];if(r!==undefined){return r.exports}var o=t[n]={exports:{}};var s=true;try{e[n].call(o.exports,o,o.exports,__nccwpck_require__);s=false}finally{if(s)delete t[n]}return o.exports}if(typeof __nccwpck_require__!=="undefined")__nccwpck_require__.ab=__dirname+"/";var n=__nccwpck_require__(399);module.exports=n})();
\ No newline at end of file
+(()=>{var e={351:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){if(r===undefined)r=n;Object.defineProperty(e,r,{enumerable:true,get:function(){return t[n]}})}:function(e,t,n,r){if(r===undefined)r=n;e[r]=t[n]});var o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:true,value:t})}:function(e,t){e["default"]=t});var s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(e!=null)for(var n in e)if(n!=="default"&&Object.hasOwnProperty.call(e,n))r(t,e,n);o(t,e);return t};Object.defineProperty(t,"__esModule",{value:true});t.issue=t.issueCommand=void 0;const i=s(n(37));const a=n(278);function issueCommand(e,t,n){const r=new Command(e,t,n);process.stdout.write(r.toString()+i.EOL)}t.issueCommand=issueCommand;function issue(e,t=""){issueCommand(e,{},t)}t.issue=issue;const c="::";class Command{constructor(e,t,n){if(!e){e="missing.command"}this.command=e;this.properties=t;this.message=n}toString(){let e=c+this.command;if(this.properties&&Object.keys(this.properties).length>0){e+=" ";let t=true;for(const n in this.properties){if(this.properties.hasOwnProperty(n)){const r=this.properties[n];if(r){if(t){t=false}else{e+=","}e+=`${n}=${escapeProperty(r)}`}}}}e+=`${c}${escapeData(this.message)}`;return e}}function escapeData(e){return a.toCommandValue(e).replace(/%/g,"%25").replace(/\r/g,"%0D").replace(/\n/g,"%0A")}function escapeProperty(e){return a.toCommandValue(e).replace(/%/g,"%25").replace(/\r/g,"%0D").replace(/\n/g,"%0A").replace(/:/g,"%3A").replace(/,/g,"%2C")}},186:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){if(r===undefined)r=n;Object.defineProperty(e,r,{enumerable:true,get:function(){return t[n]}})}:function(e,t,n,r){if(r===undefined)r=n;e[r]=t[n]});var o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:true,value:t})}:function(e,t){e["default"]=t});var s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(e!=null)for(var n in e)if(n!=="default"&&Object.hasOwnProperty.call(e,n))r(t,e,n);o(t,e);return t};var i=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:true});t.getIDToken=t.getState=t.saveState=t.group=t.endGroup=t.startGroup=t.info=t.notice=t.warning=t.error=t.debug=t.isDebug=t.setFailed=t.setCommandEcho=t.setOutput=t.getBooleanInput=t.getMultilineInput=t.getInput=t.addPath=t.setSecret=t.exportVariable=t.ExitCode=void 0;const a=n(351);const c=n(717);const u=n(278);const l=s(n(37));const p=s(n(17));const d=n(41);var f;(function(e){e[e["Success"]=0]="Success";e[e["Failure"]=1]="Failure"})(f=t.ExitCode||(t.ExitCode={}));function exportVariable(e,t){const n=u.toCommandValue(t);process.env[e]=n;const r=process.env["GITHUB_ENV"]||"";if(r){const t="_GitHubActionsFileCommandDelimeter_";const r=`${e}<<${t}${l.EOL}${n}${l.EOL}${t}`;c.issueCommand("ENV",r)}else{a.issueCommand("set-env",{name:e},n)}}t.exportVariable=exportVariable;function setSecret(e){a.issueCommand("add-mask",{},e)}t.setSecret=setSecret;function addPath(e){const t=process.env["GITHUB_PATH"]||"";if(t){c.issueCommand("PATH",e)}else{a.issueCommand("add-path",{},e)}process.env["PATH"]=`${e}${p.delimiter}${process.env["PATH"]}`}t.addPath=addPath;function getInput(e,t){const n=process.env[`INPUT_${e.replace(/ /g,"_").toUpperCase()}`]||"";if(t&&t.required&&!n){throw new Error(`Input required and not supplied: ${e}`)}if(t&&t.trimWhitespace===false){return n}return n.trim()}t.getInput=getInput;function getMultilineInput(e,t){const n=getInput(e,t).split("\n").filter((e=>e!==""));return n}t.getMultilineInput=getMultilineInput;function getBooleanInput(e,t){const n=["true","True","TRUE"];const r=["false","False","FALSE"];const o=getInput(e,t);if(n.includes(o))return true;if(r.includes(o))return false;throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${e}\n`+`Support boolean input list: \`true | True | TRUE | false | False | FALSE\``)}t.getBooleanInput=getBooleanInput;function setOutput(e,t){process.stdout.write(l.EOL);a.issueCommand("set-output",{name:e},t)}t.setOutput=setOutput;function setCommandEcho(e){a.issue("echo",e?"on":"off")}t.setCommandEcho=setCommandEcho;function setFailed(e){process.exitCode=f.Failure;error(e)}t.setFailed=setFailed;function isDebug(){return process.env["RUNNER_DEBUG"]==="1"}t.isDebug=isDebug;function debug(e){a.issueCommand("debug",{},e)}t.debug=debug;function error(e,t={}){a.issueCommand("error",u.toCommandProperties(t),e instanceof Error?e.toString():e)}t.error=error;function warning(e,t={}){a.issueCommand("warning",u.toCommandProperties(t),e instanceof Error?e.toString():e)}t.warning=warning;function notice(e,t={}){a.issueCommand("notice",u.toCommandProperties(t),e instanceof Error?e.toString():e)}t.notice=notice;function info(e){process.stdout.write(e+l.EOL)}t.info=info;function startGroup(e){a.issue("group",e)}t.startGroup=startGroup;function endGroup(){a.issue("endgroup")}t.endGroup=endGroup;function group(e,t){return i(this,void 0,void 0,(function*(){startGroup(e);let n;try{n=yield t()}finally{endGroup()}return n}))}t.group=group;function saveState(e,t){a.issueCommand("save-state",{name:e},t)}t.saveState=saveState;function getState(e){return process.env[`STATE_${e}`]||""}t.getState=getState;function getIDToken(e){return i(this,void 0,void 0,(function*(){return yield d.OidcClient.getIDToken(e)}))}t.getIDToken=getIDToken},717:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){if(r===undefined)r=n;Object.defineProperty(e,r,{enumerable:true,get:function(){return t[n]}})}:function(e,t,n,r){if(r===undefined)r=n;e[r]=t[n]});var o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:true,value:t})}:function(e,t){e["default"]=t});var s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(e!=null)for(var n in e)if(n!=="default"&&Object.hasOwnProperty.call(e,n))r(t,e,n);o(t,e);return t};Object.defineProperty(t,"__esModule",{value:true});t.issueCommand=void 0;const i=s(n(147));const a=s(n(37));const c=n(278);function issueCommand(e,t){const n=process.env[`GITHUB_${e}`];if(!n){throw new Error(`Unable to find environment variable for file command ${e}`)}if(!i.existsSync(n)){throw new Error(`Missing file at path: ${n}`)}i.appendFileSync(n,`${c.toCommandValue(t)}${a.EOL}`,{encoding:"utf8"})}t.issueCommand=issueCommand},41:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:true});t.OidcClient=void 0;const o=n(925);const s=n(702);const i=n(186);class OidcClient{static createHttpClient(e=true,t=10){const n={allowRetries:e,maxRetries:t};return new o.HttpClient("actions/oidc-client",[new s.BearerCredentialHandler(OidcClient.getRequestToken())],n)}static getRequestToken(){const e=process.env["ACTIONS_ID_TOKEN_REQUEST_TOKEN"];if(!e){throw new Error("Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable")}return e}static getIDTokenUrl(){const e=process.env["ACTIONS_ID_TOKEN_REQUEST_URL"];if(!e){throw new Error("Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable")}return e}static getCall(e){var t;return r(this,void 0,void 0,(function*(){const n=OidcClient.createHttpClient();const r=yield n.getJson(e).catch((e=>{throw new Error(`Failed to get ID Token. \n \n        Error Code : ${e.statusCode}\n \n        Error Message: ${e.result.message}`)}));const o=(t=r.result)===null||t===void 0?void 0:t.value;if(!o){throw new Error("Response json body do not have ID Token field")}return o}))}static getIDToken(e){return r(this,void 0,void 0,(function*(){try{let t=OidcClient.getIDTokenUrl();if(e){const n=encodeURIComponent(e);t=`${t}&audience=${n}`}i.debug(`ID token url is ${t}`);const n=yield OidcClient.getCall(t);i.setSecret(n);return n}catch(e){throw new Error(`Error message: ${e.message}`)}}))}}t.OidcClient=OidcClient},278:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});t.toCommandProperties=t.toCommandValue=void 0;function toCommandValue(e){if(e===null||e===undefined){return""}else if(typeof e==="string"||e instanceof String){return e}return JSON.stringify(e)}t.toCommandValue=toCommandValue;function toCommandProperties(e){if(!Object.keys(e).length){return{}}return{title:e.title,file:e.file,line:e.startLine,endLine:e.endLine,col:e.startColumn,endColumn:e.endColumn}}t.toCommandProperties=toCommandProperties},702:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});class BasicCredentialHandler{constructor(e,t){this.username=e;this.password=t}prepareRequest(e){e.headers["Authorization"]="Basic "+Buffer.from(this.username+":"+this.password).toString("base64")}canHandleAuthentication(e){return false}handleAuthentication(e,t,n){return null}}t.BasicCredentialHandler=BasicCredentialHandler;class BearerCredentialHandler{constructor(e){this.token=e}prepareRequest(e){e.headers["Authorization"]="Bearer "+this.token}canHandleAuthentication(e){return false}handleAuthentication(e,t,n){return null}}t.BearerCredentialHandler=BearerCredentialHandler;class PersonalAccessTokenCredentialHandler{constructor(e){this.token=e}prepareRequest(e){e.headers["Authorization"]="Basic "+Buffer.from("PAT:"+this.token).toString("base64")}canHandleAuthentication(e){return false}handleAuthentication(e,t,n){return null}}t.PersonalAccessTokenCredentialHandler=PersonalAccessTokenCredentialHandler},925:(e,t,n)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});const r=n(685);const o=n(687);const s=n(443);let i;var a;(function(e){e[e["OK"]=200]="OK";e[e["MultipleChoices"]=300]="MultipleChoices";e[e["MovedPermanently"]=301]="MovedPermanently";e[e["ResourceMoved"]=302]="ResourceMoved";e[e["SeeOther"]=303]="SeeOther";e[e["NotModified"]=304]="NotModified";e[e["UseProxy"]=305]="UseProxy";e[e["SwitchProxy"]=306]="SwitchProxy";e[e["TemporaryRedirect"]=307]="TemporaryRedirect";e[e["PermanentRedirect"]=308]="PermanentRedirect";e[e["BadRequest"]=400]="BadRequest";e[e["Unauthorized"]=401]="Unauthorized";e[e["PaymentRequired"]=402]="PaymentRequired";e[e["Forbidden"]=403]="Forbidden";e[e["NotFound"]=404]="NotFound";e[e["MethodNotAllowed"]=405]="MethodNotAllowed";e[e["NotAcceptable"]=406]="NotAcceptable";e[e["ProxyAuthenticationRequired"]=407]="ProxyAuthenticationRequired";e[e["RequestTimeout"]=408]="RequestTimeout";e[e["Conflict"]=409]="Conflict";e[e["Gone"]=410]="Gone";e[e["TooManyRequests"]=429]="TooManyRequests";e[e["InternalServerError"]=500]="InternalServerError";e[e["NotImplemented"]=501]="NotImplemented";e[e["BadGateway"]=502]="BadGateway";e[e["ServiceUnavailable"]=503]="ServiceUnavailable";e[e["GatewayTimeout"]=504]="GatewayTimeout"})(a=t.HttpCodes||(t.HttpCodes={}));var c;(function(e){e["Accept"]="accept";e["ContentType"]="content-type"})(c=t.Headers||(t.Headers={}));var u;(function(e){e["ApplicationJson"]="application/json"})(u=t.MediaTypes||(t.MediaTypes={}));function getProxyUrl(e){let t=s.getProxyUrl(new URL(e));return t?t.href:""}t.getProxyUrl=getProxyUrl;const l=[a.MovedPermanently,a.ResourceMoved,a.SeeOther,a.TemporaryRedirect,a.PermanentRedirect];const p=[a.BadGateway,a.ServiceUnavailable,a.GatewayTimeout];const d=["OPTIONS","GET","DELETE","HEAD"];const f=10;const h=5;class HttpClientError extends Error{constructor(e,t){super(e);this.name="HttpClientError";this.statusCode=t;Object.setPrototypeOf(this,HttpClientError.prototype)}}t.HttpClientError=HttpClientError;class HttpClientResponse{constructor(e){this.message=e}readBody(){return new Promise((async(e,t)=>{let n=Buffer.alloc(0);this.message.on("data",(e=>{n=Buffer.concat([n,e])}));this.message.on("end",(()=>{e(n.toString())}))}))}}t.HttpClientResponse=HttpClientResponse;function isHttps(e){let t=new URL(e);return t.protocol==="https:"}t.isHttps=isHttps;class HttpClient{constructor(e,t,n){this._ignoreSslError=false;this._allowRedirects=true;this._allowRedirectDowngrade=false;this._maxRedirects=50;this._allowRetries=false;this._maxRetries=1;this._keepAlive=false;this._disposed=false;this.userAgent=e;this.handlers=t||[];this.requestOptions=n;if(n){if(n.ignoreSslError!=null){this._ignoreSslError=n.ignoreSslError}this._socketTimeout=n.socketTimeout;if(n.allowRedirects!=null){this._allowRedirects=n.allowRedirects}if(n.allowRedirectDowngrade!=null){this._allowRedirectDowngrade=n.allowRedirectDowngrade}if(n.maxRedirects!=null){this._maxRedirects=Math.max(n.maxRedirects,0)}if(n.keepAlive!=null){this._keepAlive=n.keepAlive}if(n.allowRetries!=null){this._allowRetries=n.allowRetries}if(n.maxRetries!=null){this._maxRetries=n.maxRetries}}}options(e,t){return this.request("OPTIONS",e,null,t||{})}get(e,t){return this.request("GET",e,null,t||{})}del(e,t){return this.request("DELETE",e,null,t||{})}post(e,t,n){return this.request("POST",e,t,n||{})}patch(e,t,n){return this.request("PATCH",e,t,n||{})}put(e,t,n){return this.request("PUT",e,t,n||{})}head(e,t){return this.request("HEAD",e,null,t||{})}sendStream(e,t,n,r){return this.request(e,t,n,r)}async getJson(e,t={}){t[c.Accept]=this._getExistingOrDefaultHeader(t,c.Accept,u.ApplicationJson);let n=await this.get(e,t);return this._processResponse(n,this.requestOptions)}async postJson(e,t,n={}){let r=JSON.stringify(t,null,2);n[c.Accept]=this._getExistingOrDefaultHeader(n,c.Accept,u.ApplicationJson);n[c.ContentType]=this._getExistingOrDefaultHeader(n,c.ContentType,u.ApplicationJson);let o=await this.post(e,r,n);return this._processResponse(o,this.requestOptions)}async putJson(e,t,n={}){let r=JSON.stringify(t,null,2);n[c.Accept]=this._getExistingOrDefaultHeader(n,c.Accept,u.ApplicationJson);n[c.ContentType]=this._getExistingOrDefaultHeader(n,c.ContentType,u.ApplicationJson);let o=await this.put(e,r,n);return this._processResponse(o,this.requestOptions)}async patchJson(e,t,n={}){let r=JSON.stringify(t,null,2);n[c.Accept]=this._getExistingOrDefaultHeader(n,c.Accept,u.ApplicationJson);n[c.ContentType]=this._getExistingOrDefaultHeader(n,c.ContentType,u.ApplicationJson);let o=await this.patch(e,r,n);return this._processResponse(o,this.requestOptions)}async request(e,t,n,r){if(this._disposed){throw new Error("Client has already been disposed.")}let o=new URL(t);let s=this._prepareRequest(e,o,r);let i=this._allowRetries&&d.indexOf(e)!=-1?this._maxRetries+1:1;let c=0;let u;while(c<i){u=await this.requestRaw(s,n);if(u&&u.message&&u.message.statusCode===a.Unauthorized){let e;for(let t=0;t<this.handlers.length;t++){if(this.handlers[t].canHandleAuthentication(u)){e=this.handlers[t];break}}if(e){return e.handleAuthentication(this,s,n)}else{return u}}let t=this._maxRedirects;while(l.indexOf(u.message.statusCode)!=-1&&this._allowRedirects&&t>0){const i=u.message.headers["location"];if(!i){break}let a=new URL(i);if(o.protocol=="https:"&&o.protocol!=a.protocol&&!this._allowRedirectDowngrade){throw new Error("Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.")}await u.readBody();if(a.hostname!==o.hostname){for(let e in r){if(e.toLowerCase()==="authorization"){delete r[e]}}}s=this._prepareRequest(e,a,r);u=await this.requestRaw(s,n);t--}if(p.indexOf(u.message.statusCode)==-1){return u}c+=1;if(c<i){await u.readBody();await this._performExponentialBackoff(c)}}return u}dispose(){if(this._agent){this._agent.destroy()}this._disposed=true}requestRaw(e,t){return new Promise(((n,r)=>{let callbackForResult=function(e,t){if(e){r(e)}n(t)};this.requestRawWithCallback(e,t,callbackForResult)}))}requestRawWithCallback(e,t,n){let r;if(typeof t==="string"){e.options.headers["Content-Length"]=Buffer.byteLength(t,"utf8")}let o=false;let handleResult=(e,t)=>{if(!o){o=true;n(e,t)}};let s=e.httpModule.request(e.options,(e=>{let t=new HttpClientResponse(e);handleResult(null,t)}));s.on("socket",(e=>{r=e}));s.setTimeout(this._socketTimeout||3*6e4,(()=>{if(r){r.end()}handleResult(new Error("Request timeout: "+e.options.path),null)}));s.on("error",(function(e){handleResult(e,null)}));if(t&&typeof t==="string"){s.write(t,"utf8")}if(t&&typeof t!=="string"){t.on("close",(function(){s.end()}));t.pipe(s)}else{s.end()}}getAgent(e){let t=new URL(e);return this._getAgent(t)}_prepareRequest(e,t,n){const s={};s.parsedUrl=t;const i=s.parsedUrl.protocol==="https:";s.httpModule=i?o:r;const a=i?443:80;s.options={};s.options.host=s.parsedUrl.hostname;s.options.port=s.parsedUrl.port?parseInt(s.parsedUrl.port):a;s.options.path=(s.parsedUrl.pathname||"")+(s.parsedUrl.search||"");s.options.method=e;s.options.headers=this._mergeHeaders(n);if(this.userAgent!=null){s.options.headers["user-agent"]=this.userAgent}s.options.agent=this._getAgent(s.parsedUrl);if(this.handlers){this.handlers.forEach((e=>{e.prepareRequest(s.options)}))}return s}_mergeHeaders(e){const lowercaseKeys=e=>Object.keys(e).reduce(((t,n)=>(t[n.toLowerCase()]=e[n],t)),{});if(this.requestOptions&&this.requestOptions.headers){return Object.assign({},lowercaseKeys(this.requestOptions.headers),lowercaseKeys(e))}return lowercaseKeys(e||{})}_getExistingOrDefaultHeader(e,t,n){const lowercaseKeys=e=>Object.keys(e).reduce(((t,n)=>(t[n.toLowerCase()]=e[n],t)),{});let r;if(this.requestOptions&&this.requestOptions.headers){r=lowercaseKeys(this.requestOptions.headers)[t]}return e[t]||r||n}_getAgent(e){let t;let a=s.getProxyUrl(e);let c=a&&a.hostname;if(this._keepAlive&&c){t=this._proxyAgent}if(this._keepAlive&&!c){t=this._agent}if(!!t){return t}const u=e.protocol==="https:";let l=100;if(!!this.requestOptions){l=this.requestOptions.maxSockets||r.globalAgent.maxSockets}if(c){if(!i){i=n(294)}const e={maxSockets:l,keepAlive:this._keepAlive,proxy:{...(a.username||a.password)&&{proxyAuth:`${a.username}:${a.password}`},host:a.hostname,port:a.port}};let r;const o=a.protocol==="https:";if(u){r=o?i.httpsOverHttps:i.httpsOverHttp}else{r=o?i.httpOverHttps:i.httpOverHttp}t=r(e);this._proxyAgent=t}if(this._keepAlive&&!t){const e={keepAlive:this._keepAlive,maxSockets:l};t=u?new o.Agent(e):new r.Agent(e);this._agent=t}if(!t){t=u?o.globalAgent:r.globalAgent}if(u&&this._ignoreSslError){t.options=Object.assign(t.options||{},{rejectUnauthorized:false})}return t}_performExponentialBackoff(e){e=Math.min(f,e);const t=h*Math.pow(2,e);return new Promise((e=>setTimeout((()=>e()),t)))}static dateTimeDeserializer(e,t){if(typeof t==="string"){let e=new Date(t);if(!isNaN(e.valueOf())){return e}}return t}async _processResponse(e,t){return new Promise((async(n,r)=>{const o=e.message.statusCode;const s={statusCode:o,result:null,headers:{}};if(o==a.NotFound){n(s)}let i;let c;try{c=await e.readBody();if(c&&c.length>0){if(t&&t.deserializeDates){i=JSON.parse(c,HttpClient.dateTimeDeserializer)}else{i=JSON.parse(c)}s.result=i}s.headers=e.message.headers}catch(e){}if(o>299){let e;if(i&&i.message){e=i.message}else if(c&&c.length>0){e=c}else{e="Failed request: ("+o+")"}let t=new HttpClientError(e,o);t.result=s.result;r(t)}else{n(s)}}))}}t.HttpClient=HttpClient},443:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:true});function getProxyUrl(e){let t=e.protocol==="https:";let n;if(checkBypass(e)){return n}let r;if(t){r=process.env["https_proxy"]||process.env["HTTPS_PROXY"]}else{r=process.env["http_proxy"]||process.env["HTTP_PROXY"]}if(r){n=new URL(r)}return n}t.getProxyUrl=getProxyUrl;function checkBypass(e){if(!e.hostname){return false}let t=process.env["no_proxy"]||process.env["NO_PROXY"]||"";if(!t){return false}let n;if(e.port){n=Number(e.port)}else if(e.protocol==="http:"){n=80}else if(e.protocol==="https:"){n=443}let r=[e.hostname.toUpperCase()];if(typeof n==="number"){r.push(`${r[0]}:${n}`)}for(let e of t.split(",").map((e=>e.trim().toUpperCase())).filter((e=>e))){if(r.some((t=>t===e))){return true}}return false}t.checkBypass=checkBypass},294:(e,t,n)=>{e.exports=n(219)},219:(e,t,n)=>{"use strict";var r=n(808);var o=n(404);var s=n(685);var i=n(687);var a=n(361);var c=n(491);var u=n(837);t.httpOverHttp=httpOverHttp;t.httpsOverHttp=httpsOverHttp;t.httpOverHttps=httpOverHttps;t.httpsOverHttps=httpsOverHttps;function httpOverHttp(e){var t=new TunnelingAgent(e);t.request=s.request;return t}function httpsOverHttp(e){var t=new TunnelingAgent(e);t.request=s.request;t.createSocket=createSecureSocket;t.defaultPort=443;return t}function httpOverHttps(e){var t=new TunnelingAgent(e);t.request=i.request;return t}function httpsOverHttps(e){var t=new TunnelingAgent(e);t.request=i.request;t.createSocket=createSecureSocket;t.defaultPort=443;return t}function TunnelingAgent(e){var t=this;t.options=e||{};t.proxyOptions=t.options.proxy||{};t.maxSockets=t.options.maxSockets||s.Agent.defaultMaxSockets;t.requests=[];t.sockets=[];t.on("free",(function onFree(e,n,r,o){var s=toOptions(n,r,o);for(var i=0,a=t.requests.length;i<a;++i){var c=t.requests[i];if(c.host===s.host&&c.port===s.port){t.requests.splice(i,1);c.request.onSocket(e);return}}e.destroy();t.removeSocket(e)}))}u.inherits(TunnelingAgent,a.EventEmitter);TunnelingAgent.prototype.addRequest=function addRequest(e,t,n,r){var o=this;var s=mergeOptions({request:e},o.options,toOptions(t,n,r));if(o.sockets.length>=this.maxSockets){o.requests.push(s);return}o.createSocket(s,(function(t){t.on("free",onFree);t.on("close",onCloseOrRemove);t.on("agentRemove",onCloseOrRemove);e.onSocket(t);function onFree(){o.emit("free",t,s)}function onCloseOrRemove(e){o.removeSocket(t);t.removeListener("free",onFree);t.removeListener("close",onCloseOrRemove);t.removeListener("agentRemove",onCloseOrRemove)}}))};TunnelingAgent.prototype.createSocket=function createSocket(e,t){var n=this;var r={};n.sockets.push(r);var o=mergeOptions({},n.proxyOptions,{method:"CONNECT",path:e.host+":"+e.port,agent:false,headers:{host:e.host+":"+e.port}});if(e.localAddress){o.localAddress=e.localAddress}if(o.proxyAuth){o.headers=o.headers||{};o.headers["Proxy-Authorization"]="Basic "+new Buffer(o.proxyAuth).toString("base64")}l("making CONNECT request");var s=n.request(o);s.useChunkedEncodingByDefault=false;s.once("response",onResponse);s.once("upgrade",onUpgrade);s.once("connect",onConnect);s.once("error",onError);s.end();function onResponse(e){e.upgrade=true}function onUpgrade(e,t,n){process.nextTick((function(){onConnect(e,t,n)}))}function onConnect(o,i,a){s.removeAllListeners();i.removeAllListeners();if(o.statusCode!==200){l("tunneling socket could not be established, statusCode=%d",o.statusCode);i.destroy();var c=new Error("tunneling socket could not be established, "+"statusCode="+o.statusCode);c.code="ECONNRESET";e.request.emit("error",c);n.removeSocket(r);return}if(a.length>0){l("got illegal response body from proxy");i.destroy();var c=new Error("got illegal response body from proxy");c.code="ECONNRESET";e.request.emit("error",c);n.removeSocket(r);return}l("tunneling connection has established");n.sockets[n.sockets.indexOf(r)]=i;return t(i)}function onError(t){s.removeAllListeners();l("tunneling socket could not be established, cause=%s\n",t.message,t.stack);var o=new Error("tunneling socket could not be established, "+"cause="+t.message);o.code="ECONNRESET";e.request.emit("error",o);n.removeSocket(r)}};TunnelingAgent.prototype.removeSocket=function removeSocket(e){var t=this.sockets.indexOf(e);if(t===-1){return}this.sockets.splice(t,1);var n=this.requests.shift();if(n){this.createSocket(n,(function(e){n.request.onSocket(e)}))}};function createSecureSocket(e,t){var n=this;TunnelingAgent.prototype.createSocket.call(n,e,(function(r){var s=e.request.getHeader("host");var i=mergeOptions({},n.options,{socket:r,servername:s?s.replace(/:.*$/,""):e.host});var a=o.connect(0,i);n.sockets[n.sockets.indexOf(r)]=a;t(a)}))}function toOptions(e,t,n){if(typeof e==="string"){return{host:e,port:t,localAddress:n}}return e}function mergeOptions(e){for(var t=1,n=arguments.length;t<n;++t){var r=arguments[t];if(typeof r==="object"){var o=Object.keys(r);for(var s=0,i=o.length;s<i;++s){var a=o[s];if(r[a]!==undefined){e[a]=r[a]}}}}return e}var l;if(process.env.NODE_DEBUG&&/\btunnel\b/.test(process.env.NODE_DEBUG)){l=function(){var e=Array.prototype.slice.call(arguments);if(typeof e[0]==="string"){e[0]="TUNNEL: "+e[0]}else{e.unshift("TUNNEL:")}console.error.apply(console,e)}}else{l=function(){}}t.debug=l},48:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:true});t.BaseClient=void 0;const s=o(n(687));const i=n(310);const{version:a}=n(598);class BaseClient{static request(e,t){if(!e.headers){e.headers={}}if(!e.headers["User-Agent"]){e.headers["User-Agent"]=`google-github-actions:auth/${a}`}return new Promise(((n,r)=>{const o=s.default.request(e,(e=>{e.setEncoding("utf8");let t="";e.on("data",(e=>{t+=e}));e.on("end",(()=>{if(e.statusCode&&e.statusCode>=400){r(t)}else{n(t)}}))}));o.on("error",(e=>{r(e)}));if(t!=null){o.write(t)}o.end()}))}static googleIDToken(e,{serviceAccount:t,audience:n,delegates:o,includeEmail:s}){return r(this,void 0,void 0,(function*(){const r=`projects/-/serviceAccounts/${t}`;const a=new i.URL(`https://iamcredentials.googleapis.com/v1/${r}:generateIdToken`);const c={delegates:o,audience:n,includeEmail:s};const u={hostname:a.hostname,port:a.port,path:a.pathname+a.search,method:"POST",headers:{Authorization:`Bearer ${e}`,Accept:"application/json","Content-Type":"application/json"}};try{const e=yield BaseClient.request(u,JSON.stringify(c));const t=JSON.parse(e);return{token:t["token"]}}catch(e){throw new Error(`failed to generate Google Cloud ID token for ${t}: ${e}`)}}))}static googleAccessToken(e,{serviceAccount:t,delegates:n,scopes:o,lifetime:s}){return r(this,void 0,void 0,(function*(){const r=`projects/-/serviceAccounts/${t}`;const a=new i.URL(`https://iamcredentials.googleapis.com/v1/${r}:generateAccessToken`);const c={};if(n&&n.length>0){c.delegates=n}if(o&&o.length>0){c.scope=o}if(s&&s>0){c.lifetime=`${s}s`}const u={hostname:a.hostname,port:a.port,path:a.pathname+a.search,method:"POST",headers:{Authorization:`Bearer ${e}`,Accept:"application/json","Content-Type":"application/json"}};try{const e=yield BaseClient.request(u,JSON.stringify(c));const t=JSON.parse(e);return{accessToken:t["accessToken"],expiration:t["expireTime"]}}catch(e){throw new Error(`Failed to generate Google Cloud access token for ${t}: ${e}`)}}))}static googleOAuthToken(e){return r(this,void 0,void 0,(function*(){const t=new i.URL("https://oauth2.googleapis.com/token");const n={hostname:t.hostname,port:t.port,path:t.pathname+t.search,method:"POST",headers:{Accept:"application/json","Content-Type":"application/x-www-form-urlencoded"}};const r=new i.URLSearchParams;r.append("grant_type","urn:ietf:params:oauth:grant-type:jwt-bearer");r.append("assertion",e);try{const e=yield BaseClient.request(n,r.toString());const t=JSON.parse(e);const o=new Date((new Date).getTime()+t["expires_in"]*1e4);return{accessToken:t["access_token"],expiration:o.toISOString()}}catch(e){throw new Error(`Failed to generate Google Cloud OAuth token: ${e}`)}}))}}t.BaseClient=BaseClient},326:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__classPrivateFieldSet||function(e,t,n,r,o){if(r==="m")throw new TypeError("Private method is not writable");if(r==="a"&&!o)throw new TypeError("Private accessor was defined without a setter");if(typeof t==="function"?e!==t||!o:!t.has(e))throw new TypeError("Cannot write private member to an object whose class did not declare it");return r==="a"?o.call(e,n):o?o.value=n:t.set(e,n),n};var s=this&&this.__classPrivateFieldGet||function(e,t,n,r){if(n==="a"&&!r)throw new TypeError("Private accessor was defined without a getter");if(typeof t==="function"?e!==t||!r:!t.has(e))throw new TypeError("Cannot read private member from an object whose class did not declare it");return n==="m"?r:n==="a"?r.call(e):r?r.value:t.get(e)};var i,a;Object.defineProperty(t,"__esModule",{value:true});t.CredentialsJSONClient=void 0;const c=n(113);const u=n(314);class CredentialsJSONClient{constructor(e){i.set(this,void 0);a.set(this,void 0);o(this,a,this.parseServiceAccountKeyJSON(e.credentialsJSON),"f");o(this,i,e.projectID||s(this,a,"f")["project_id"],"f")}parseServiceAccountKeyJSON(e){e=(0,u.trimmedString)(e);if(!e){throw new Error(`Missing service account key JSON (got empty value)`)}if(!e.startsWith("{")){e=(0,u.fromBase64)(e)}let t;try{t=JSON.parse(e)}catch(e){throw new SyntaxError(`Failed to parse credentials as JSON: ${e}`)}const requireValue=e=>{const n=(0,u.trimmedString)(t[e]);if(!n){throw new Error(`Service account key JSON is missing required field "${e}"`)}};requireValue("project_id");requireValue("private_key_id");requireValue("private_key");requireValue("client_email");return t}getAuthToken(){return r(this,void 0,void 0,(function*(){const e={alg:"RS256",typ:"JWT",kid:s(this,a,"f")["private_key_id"]};const t=Math.floor((new Date).getTime()/1e3);const n={iss:s(this,a,"f")["client_email"],sub:s(this,a,"f")["client_email"],aud:"https://iamcredentials.googleapis.com/",iat:t,exp:t+3599};const r=(0,u.toBase64)(JSON.stringify(e))+"."+(0,u.toBase64)(JSON.stringify(n));try{const e=(0,c.createSign)("RSA-SHA256");e.write(r);e.end();const t=e.sign(s(this,a,"f")["private_key"]);return r+"."+(0,u.toBase64)(t)}catch(e){throw new Error(`Failed to sign auth token using ${yield this.getServiceAccount()}: ${e}`)}}))}signJWT(e){return r(this,void 0,void 0,(function*(){const t={alg:"RS256",typ:"JWT",kid:s(this,a,"f")["private_key_id"]};const n=(0,u.toBase64)(JSON.stringify(t))+"."+(0,u.toBase64)(e);try{const e=(0,c.createSign)("RSA-SHA256");e.write(n);e.end();const t=e.sign(s(this,a,"f")["private_key"]);const r=n+"."+(0,u.toBase64)(t);return r}catch(e){throw new Error(`Failed to sign JWT using ${yield this.getServiceAccount()}: ${e}`)}}))}getProjectID(){return r(this,void 0,void 0,(function*(){return s(this,i,"f")}))}getServiceAccount(){return r(this,void 0,void 0,(function*(){return s(this,a,"f")["client_email"]}))}createCredentialsFile(e){return r(this,void 0,void 0,(function*(){return yield(0,u.writeSecureFile)(e,JSON.stringify(s(this,a,"f")))}))}}t.CredentialsJSONClient=CredentialsJSONClient;i=new WeakMap,a=new WeakMap},790:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__classPrivateFieldSet||function(e,t,n,r,o){if(r==="m")throw new TypeError("Private method is not writable");if(r==="a"&&!o)throw new TypeError("Private accessor was defined without a setter");if(typeof t==="function"?e!==t||!o:!t.has(e))throw new TypeError("Cannot write private member to an object whose class did not declare it");return r==="a"?o.call(e,n):o?o.value=n:t.set(e,n),n};var s=this&&this.__classPrivateFieldGet||function(e,t,n,r){if(n==="a"&&!r)throw new TypeError("Private accessor was defined without a getter");if(typeof t==="function"?e!==t||!r:!t.has(e))throw new TypeError("Cannot read private member from an object whose class did not declare it");return n==="m"?r:n==="a"?r.call(e):r?r.value:t.get(e)};var i,a,c,u,l,p,d;Object.defineProperty(t,"__esModule",{value:true});t.WorkloadIdentityClient=void 0;const f=n(310);const h=n(314);const g=n(48);class WorkloadIdentityClient{constructor(e){i.set(this,void 0);a.set(this,void 0);c.set(this,void 0);u.set(this,void 0);l.set(this,void 0);p.set(this,void 0);d.set(this,void 0);o(this,a,e.providerID,"f");o(this,c,e.serviceAccount,"f");o(this,u,e.token,"f");o(this,l,e.audience,"f");o(this,p,e.oidcTokenRequestURL,"f");o(this,d,e.oidcTokenRequestToken,"f");o(this,i,e.projectID||this.extractProjectIDFromServiceAccountEmail(s(this,c,"f")),"f")}extractProjectIDFromServiceAccountEmail(e){if(!e){return""}const[,t]=e.split("@",2);if(!e.endsWith(".iam.gserviceaccount.com")){throw new Error(`Service account email ${e} is not of the form `+`"[name]@[project].iam.gserviceaccount.com. You must manually `+`specify the "project_id" parameter in your GitHub Actions workflow.`)}const[n]=t.split(".",2);return n}getAuthToken(){return r(this,void 0,void 0,(function*(){const e=new f.URL("https://sts.googleapis.com/v1/token");const t={audience:"//iam.googleapis.com/"+s(this,a,"f"),grantType:"urn:ietf:params:oauth:grant-type:token-exchange",requestedTokenType:"urn:ietf:params:oauth:token-type:access_token",scope:"https://www.googleapis.com/auth/cloud-platform",subjectTokenType:"urn:ietf:params:oauth:token-type:jwt",subjectToken:s(this,u,"f")};const n={hostname:e.hostname,port:e.port,path:e.pathname+e.search,method:"POST",headers:{Accept:"application/json","Content-Type":"application/json"}};try{const e=yield g.BaseClient.request(n,JSON.stringify(t));const r=JSON.parse(e);return r["access_token"]}catch(e){throw new Error(`Failed to generate Google Cloud federated token for ${s(this,a,"f")}: ${e}`)}}))}signJWT(e,t){return r(this,void 0,void 0,(function*(){const n=yield this.getServiceAccount();const r=yield this.getAuthToken();const o=new f.URL(`https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${n}:signJwt`);const s={payload:e};if(t&&t.length>0){s.delegates=t}const i={hostname:o.hostname,port:o.port,path:o.pathname+o.search,method:"POST",headers:{Accept:"application/json",Authorization:`Bearer ${r}`,"Content-Type":"application/json"}};try{const e=yield g.BaseClient.request(i,JSON.stringify(s));const t=JSON.parse(e);return t["signedJwt"]}catch(e){throw new Error(`Failed to sign JWT using ${n}: ${e}`)}}))}getProjectID(){return r(this,void 0,void 0,(function*(){return s(this,i,"f")}))}getServiceAccount(){return r(this,void 0,void 0,(function*(){return s(this,c,"f")}))}createCredentialsFile(e){return r(this,void 0,void 0,(function*(){const t=new f.URL(s(this,p,"f"));const n=t.searchParams;n.set("audience",s(this,l,"f"));t.search=n.toString();const r={type:"external_account",audience:`//iam.googleapis.com/${s(this,a,"f")}`,subject_token_type:"urn:ietf:params:oauth:token-type:jwt",token_url:"https://sts.googleapis.com/v1/token",service_account_impersonation_url:`https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${s(this,c,"f")}:generateAccessToken`,credential_source:{url:t,headers:{Authorization:`Bearer ${s(this,d,"f")}`},format:{type:"json",subject_token_field_name:"value"}}};return yield(0,h.writeSecureFile)(e,JSON.stringify(r))}))}}t.WorkloadIdentityClient=WorkloadIdentityClient;i=new WeakMap,a=new WeakMap,c=new WeakMap,u=new WeakMap,l=new WeakMap,p=new WeakMap,d=new WeakMap},399:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:true});const o=n(186);const s=n(790);const i=n(326);const a=n(48);const c=n(314);const u=`If you are specifying input values via GitHub secrets, ensure the secret `+`is being injected into the environment. By default, secrets are not `+`passed to workflows triggered from forks, including Dependabot.`;const l=`GitHub Actions did not inject $ACTIONS_ID_TOKEN_REQUEST_TOKEN or `+`$ACTIONS_ID_TOKEN_REQUEST_URL into this job. This most likely means the `+`GitHub Actions workflow permissions are incorrect, or this job is being `+`run from a fork. For more information, please see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token`;function run(){return r(this,void 0,void 0,(function*(){try{const e=(0,o.getInput)("project_id");const t=(0,o.getInput)("workload_identity_provider");const n=(0,o.getInput)("service_account");const r=(0,o.getInput)("audience")||`https://iam.googleapis.com/${t}`;const p=(0,o.getInput)("credentials_json");const d=(0,o.getBooleanInput)("create_credentials_file");const f=(0,o.getInput)("token_format");const h=(0,c.explodeStrings)((0,o.getInput)("delegates"));if(!t&&!p||t&&p){throw new Error("The GitHub Action workflow must specify exactly one of "+'"workload_identity_provider" or "credentials_json"! '+u)}if(t&&!n){throw new Error('The GitHub Action workflow must specify a "service_account" to '+'impersonate when using "workload_identity_provider"! '+u)}let g;if(t){const i=process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN;const a=process.env.ACTIONS_ID_TOKEN_REQUEST_URL;if(!i||!a){throw new Error(l)}const c=yield(0,o.getIDToken)(r);g=new s.WorkloadIdentityClient({projectID:e,providerID:t,serviceAccount:n,token:c,audience:r,oidcTokenRequestToken:i,oidcTokenRequestURL:a})}else{g=new i.CredentialsJSONClient({projectID:e,credentialsJSON:p})}if(d){const e=process.env.GITHUB_WORKSPACE;if(!e){throw new Error("$GITHUB_WORKSPACE is not set")}const t=yield g.createCredentialsFile(e);(0,o.setOutput)("credentials_file_path",t);(0,o.exportVariable)("CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE",t);(0,o.exportVariable)("GOOGLE_APPLICATION_CREDENTIALS",t);(0,o.exportVariable)("GOOGLE_GHA_CREDS_PATH",t)}const m=yield g.getProjectID();(0,o.setOutput)("project_id",m);(0,o.exportVariable)("CLOUDSDK_PROJECT",m);(0,o.exportVariable)("CLOUDSDK_CORE_PROJECT",m);(0,o.exportVariable)("GCP_PROJECT",m);(0,o.exportVariable)("GCLOUD_PROJECT",m);(0,o.exportVariable)("GOOGLE_CLOUD_PROJECT",m);switch(f){case"":{break}case null:{break}case"access_token":{const e=(0,c.parseDuration)((0,o.getInput)("access_token_lifetime"));const t=(0,c.explodeStrings)((0,o.getInput)("access_token_scopes"));const n=(0,o.getInput)("access_token_subject");const r=yield g.getServiceAccount();let s,i;if(n){const o=(0,c.buildDomainWideDelegationJWT)(r,n,t,e);const u=yield g.signJWT(o,h);({accessToken:s,expiration:i}=yield a.BaseClient.googleOAuthToken(u))}else{const n=yield g.getAuthToken();({accessToken:s,expiration:i}=yield a.BaseClient.googleAccessToken(n,{serviceAccount:r,delegates:h,scopes:t,lifetime:e}))}(0,o.setSecret)(s);(0,o.setOutput)("access_token",s);(0,o.setOutput)("access_token_expiration",i);break}case"id_token":{const e=(0,o.getInput)("id_token_audience",{required:true});const t=(0,o.getBooleanInput)("id_token_include_email");const n=yield g.getServiceAccount();const r=yield g.getAuthToken();const{token:s}=yield a.BaseClient.googleIDToken(r,{serviceAccount:n,audience:e,delegates:h,includeEmail:t});(0,o.setSecret)(s);(0,o.setOutput)("id_token",s);break}default:{throw new Error(`Unknown token format "${f}"`)}}}catch(e){(0,o.setFailed)(`google-github-actions/auth failed with: ${e}`)}}))}run()},314:function(e,t,n){"use strict";var r=this&&this.__awaiter||function(e,t,n,r){function adopt(e){return e instanceof n?e:new n((function(t){t(e)}))}return new(n||(n=Promise))((function(n,o){function fulfilled(e){try{step(r.next(e))}catch(e){o(e)}}function rejected(e){try{step(r["throw"](e))}catch(e){o(e)}}function step(e){e.done?n(e.value):adopt(e.value).then(fulfilled,rejected)}step((r=r.apply(e,t||[])).next())}))};var o=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:true});t.buildDomainWideDelegationJWT=t.parseDuration=t.trimmedString=t.fromBase64=t.toBase64=t.explodeStrings=t.removeExportedCredentials=t.writeSecureFile=void 0;const s=n(147);const i=o(n(113));const a=o(n(17));function writeSecureFile(e,t){return r(this,void 0,void 0,(function*(){const n=i.default.randomBytes(12).toString("hex");const r=a.default.join(e,n);yield s.promises.writeFile(r,t,{mode:416,flag:"wx"});return r}))}t.writeSecureFile=writeSecureFile;function removeExportedCredentials(){return r(this,void 0,void 0,(function*(){const e=process.env["GOOGLE_GHA_CREDS_PATH"];if(!e){return""}try{yield s.promises.unlink(e);return e}catch(e){if(e instanceof Error)if(e&&e.message&&e.message.includes("ENOENT")){return""}throw new Error(`failed to remove exported credentials: ${e}`)}}))}t.removeExportedCredentials=removeExportedCredentials;function explodeStrings(e){if(!e||e.trim().length===0){return[]}const t=new Array;let n="";let r=false;for(const o of e){if(r){n+=o;r=false;continue}switch(o){case"\\":r=true;continue;case",":case"\n":{const e=n.trim();if(e){t.push(e)}n="";break}default:n+=o}}const o=n.trim();if(o){t.push(o)}return t}t.explodeStrings=explodeStrings;function toBase64(e){return Buffer.from(e).toString("base64").replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}t.toBase64=toBase64;function fromBase64(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");while(t.length%4)t+="=";return Buffer.from(t,"base64").toString("utf8")}t.fromBase64=fromBase64;function trimmedString(e){return e?e.trim():""}t.trimmedString=trimmedString;function parseDuration(e){const t=(e||"").trim();if(!t){return 0}let n=0;let r="";for(let t=0;t<e.length;t++){const o=e[t];switch(o){case" ":continue;case",":continue;case"s":{n+=+r;r="";break}case"m":{n+=+r*60;r="";break}case"h":{n+=+r*60*60;r="";break}case"0":case"1":case"2":case"3":case"4":case"5":case"6":case"7":case"8":case"9":r+=o;break;default:throw new SyntaxError(`Unsupported character "${o}" at position ${t}`)}}if(r){n+=+r}return n}t.parseDuration=parseDuration;function buildDomainWideDelegationJWT(e,t,n,r){const o=Math.floor((new Date).getTime()/1e3);const s={iss:e,aud:"https://oauth2.googleapis.com/token",iat:o,exp:o+r};if(t&&t.trim().length>0){s.sub=t}if(n&&n.length>0){s.scope=n.join(" ")}return JSON.stringify(s)}t.buildDomainWideDelegationJWT=buildDomainWideDelegationJWT},491:e=>{"use strict";e.exports=require("assert")},113:e=>{"use strict";e.exports=require("crypto")},361:e=>{"use strict";e.exports=require("events")},147:e=>{"use strict";e.exports=require("fs")},685:e=>{"use strict";e.exports=require("http")},687:e=>{"use strict";e.exports=require("https")},808:e=>{"use strict";e.exports=require("net")},37:e=>{"use strict";e.exports=require("os")},17:e=>{"use strict";e.exports=require("path")},404:e=>{"use strict";e.exports=require("tls")},310:e=>{"use strict";e.exports=require("url")},837:e=>{"use strict";e.exports=require("util")},598:e=>{"use strict";e.exports=JSON.parse('{"name":"@google-github-actions/auth","version":"0.4.0","description":"Authenticate to Google Cloud using OIDC tokens or JSON service account keys.","main":"dist/main/index.js","scripts":{"build":"ncc build -m src/main.ts -o dist/main && ncc -m build src/post.ts -o dist/post","lint":"eslint . --ext .ts,.tsx","format":"prettier --write **/*.ts","test":"mocha -r ts-node/register -t 120s \'tests/**/*.test.ts\'"},"repository":{"type":"git","url":"https://github.com/google-github-actions/auth"},"keywords":["actions","google cloud","identity","auth","oidc"],"author":"GoogleCloudPlatform","license":"Apache-2.0","dependencies":{"@actions/core":"^1.6.0"},"devDependencies":{"@types/chai":"^4.2.22","@types/mocha":"^9.0.0","@types/node":"^16.11.11","@typescript-eslint/eslint-plugin":"^5.5.0","@typescript-eslint/parser":"^5.5.0","@vercel/ncc":"^0.33.0","chai":"^4.3.4","eslint":"^8.3.0","eslint-config-prettier":"^8.3.0","eslint-plugin-prettier":"^4.0.0","mocha":"^9.1.3","prettier":"^2.5.0","ts-node":"^10.4.0","typescript":"^4.5.2"}}')}};var t={};function __nccwpck_require__(n){var r=t[n];if(r!==undefined){return r.exports}var o=t[n]={exports:{}};var s=true;try{e[n].call(o.exports,o,o.exports,__nccwpck_require__);s=false}finally{if(s)delete t[n]}return o.exports}if(typeof __nccwpck_require__!=="undefined")__nccwpck_require__.ab=__dirname+"/";var n=__nccwpck_require__(399);module.exports=n})();
\ No newline at end of file
diff --git a/src/client/workload_identity_client.ts b/src/client/workload_identity_client.ts
index 8187551..0cb58e3 100644
--- a/src/client/workload_identity_client.ts
+++ b/src/client/workload_identity_client.ts
@@ -25,6 +25,9 @@ interface WorkloadIdentityClientOptions {
   serviceAccount: string;
   token: string;
   audience: string;
+
+  oidcTokenRequestURL: string;
+  oidcTokenRequestToken: string;
 }
 
 /**
@@ -38,12 +41,18 @@ export class WorkloadIdentityClient implements AuthClient {
   readonly #token: string;
   readonly #audience: string;
 
+  readonly #oidcTokenRequestURL: string;
+  readonly #oidcTokenRequestToken: string;
+
   constructor(opts: WorkloadIdentityClientOptions) {
     this.#providerID = opts.providerID;
     this.#serviceAccount = opts.serviceAccount;
     this.#token = opts.token;
     this.#audience = opts.audience;
 
+    this.#oidcTokenRequestURL = opts.oidcTokenRequestURL;
+    this.#oidcTokenRequestToken = opts.oidcTokenRequestToken;
+
     this.#projectID =
       opts.projectID || this.extractProjectIDFromServiceAccountEmail(this.#serviceAccount);
   }
@@ -173,21 +182,7 @@ export class WorkloadIdentityClient implements AuthClient {
    * set as GOOGLE_APPLICATION_CREDENTIALS for gcloud and client libraries.
    */
   async createCredentialsFile(outputDir: string): Promise<string> {
-    // Extract the request token and request URL from the environment. These
-    // are only set when an id-token is requested and the submitter has
-    // collaborator permissions.
-    const requestToken = process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN;
-    const requestURLRaw = process.env.ACTIONS_ID_TOKEN_REQUEST_URL;
-    if (!requestToken || !requestURLRaw) {
-      throw new Error(
-        'GitHub Actions did not inject $ACTIONS_ID_TOKEN_REQUEST_TOKEN or ' +
-          '$ACTIONS_ID_TOKEN_REQUEST_URL into this job. This most likely ' +
-          'means the GitHub Actions workflow permissions are incorrect, or ' +
-          'this job is being run from a fork. For more information, please ' +
-          'see the GitHub documentation at https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token',
-      );
-    }
-    const requestURL = new URL(requestURLRaw);
+    const requestURL = new URL(this.#oidcTokenRequestURL);
 
     // Append the audience value to the request.
     const params = requestURL.searchParams;
@@ -204,7 +199,7 @@ export class WorkloadIdentityClient implements AuthClient {
       credential_source: {
         url: requestURL,
         headers: {
-          Authorization: `Bearer ${requestToken}`,
+          Authorization: `Bearer ${this.#oidcTokenRequestToken}`,
         },
         format: {
           type: 'json',
diff --git a/src/main.ts b/src/main.ts
index 9f616d8..c72af58 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -16,9 +16,15 @@ import { BaseClient } from './base';
 import { buildDomainWideDelegationJWT, explodeStrings, parseDuration } from './utils';
 
 const secretsWarning =
-  'If you are specifying input values via GitHub secrets, ensure the secret ' +
-  'is being injected into the environment. By default, secrets are not passed ' +
-  'to workflows triggered from forks, including Dependabot.';
+  `If you are specifying input values via GitHub secrets, ensure the secret ` +
+  `is being injected into the environment. By default, secrets are not ` +
+  `passed to workflows triggered from forks, including Dependabot.`;
+
+const oidcWarning =
+  `GitHub Actions did not inject $ACTIONS_ID_TOKEN_REQUEST_TOKEN or ` +
+  `$ACTIONS_ID_TOKEN_REQUEST_URL into this job. This most likely means the ` +
+  `GitHub Actions workflow permissions are incorrect, or this job is being ` +
+  `run from a fork. For more information, please see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token`;
 
 /**
  * Executes the main action, documented inline.
@@ -61,6 +67,15 @@ async function run(): Promise<void> {
     // Instantiate the correct client based on the provided input parameters.
     let client: AuthClient;
     if (workloadIdentityProvider) {
+      // If we're going to do the OIDC dance, we need to make sure these values
+      // are set. If they aren't, core.getIDToken() will fail and so will
+      // generating the credentials file.
+      const oidcTokenRequestToken = process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN;
+      const oidcTokenRequestURL = process.env.ACTIONS_ID_TOKEN_REQUEST_URL;
+      if (!oidcTokenRequestToken || !oidcTokenRequestURL) {
+        throw new Error(oidcWarning);
+      }
+
       const token = await getIDToken(audience);
       client = new WorkloadIdentityClient({
         projectID: projectID,
@@ -68,6 +83,8 @@ async function run(): Promise<void> {
         serviceAccount: serviceAccount,
         token: token,
         audience: audience,
+        oidcTokenRequestToken: oidcTokenRequestToken,
+        oidcTokenRequestURL: oidcTokenRequestURL,
       });
     } else {
       client = new CredentialsJSONClient({
diff --git a/tests/client/workload_identity_client.test.ts b/tests/client/workload_identity_client.test.ts
index e4a7dc9..075f70b 100644
--- a/tests/client/workload_identity_client.test.ts
+++ b/tests/client/workload_identity_client.test.ts
@@ -15,6 +15,8 @@ describe('WorkloadIdentityClient', () => {
         token: 'my-token',
         serviceAccount: 'my-service@my-project.iam.gserviceaccount.com',
         audience: 'my-aud',
+        oidcTokenRequestURL: 'https://example.com/',
+        oidcTokenRequestToken: 'token',
       });
 
       const result = await client.getProjectID();
@@ -28,6 +30,8 @@ describe('WorkloadIdentityClient', () => {
         token: 'my-token',
         serviceAccount: 'my-service@my-project.iam.gserviceaccount.com',
         audience: 'my-aud',
+        oidcTokenRequestURL: 'https://example.com/',
+        oidcTokenRequestToken: 'token',
       });
 
       const result = await client.getProjectID();
@@ -41,6 +45,8 @@ describe('WorkloadIdentityClient', () => {
           token: 'my-token',
           serviceAccount: 'my-service@developers.google.com',
           audience: 'my-aud',
+          oidcTokenRequestURL: 'https://example.com/',
+          oidcTokenRequestToken: 'token',
         });
       };
       return expect(fn).to.throw(Error);
@@ -55,6 +61,8 @@ describe('WorkloadIdentityClient', () => {
         serviceAccount: 'my-service@my-project.iam.gserviceaccount.com',
         token: 'my-token',
         audience: 'my-aud',
+        oidcTokenRequestURL: 'https://example.com/',
+        oidcTokenRequestToken: 'token',
       });
       const result = await client.getServiceAccount();
       expect(result).to.eq('my-service@my-project.iam.gserviceaccount.com');
@@ -63,9 +71,6 @@ describe('WorkloadIdentityClient', () => {
 
   describe('#createCredentialsFile', () => {
     it('writes the file', async () => {
-      process.env.ACTIONS_ID_TOKEN_REQUEST_URL = 'https://actions-token.url';
-      process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN = 'github-token';
-
       const tmp = tmpdir();
       const client = new WorkloadIdentityClient({
         projectID: 'my-project',
@@ -73,6 +78,8 @@ describe('WorkloadIdentityClient', () => {
         serviceAccount: 'my-service@my-project.iam.gserviceaccount.com',
         token: 'my-token',
         audience: 'my-aud',
+        oidcTokenRequestURL: 'https://example.com/',
+        oidcTokenRequestToken: 'token',
       });
 
       const exp = {
@@ -83,9 +90,9 @@ describe('WorkloadIdentityClient', () => {
             type: 'json',
           },
           headers: {
-            Authorization: 'Bearer github-token',
+            Authorization: 'Bearer token',
           },
-          url: 'https://actions-token.url/?audience=my-aud',
+          url: 'https://example.com/?audience=my-aud',
         },
         service_account_impersonation_url:
           'https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/my-service@my-project.iam.gserviceaccount.com:generateAccessToken',