fix subject assertion and extract jwt-cli version to env var

Signed-off-by: Mario Minardi <mminardi@shaw.ca>
Mario Minardi 2026-01-19 08:40:56 -07:00
parent cc4d44e986
commit f5c3f7820b


@ -1,11 +1,15 @@
on: [push] on: [push]
env:
JWT_CLI_VERSION: 6.2.0 # renovate: datasource=github-releases depName=jwt-cli packageName=mike-engel/jwt-cli
jobs: jobs:
generation-allowed: generation-allowed:
enable-openid-connect: true enable-openid-connect: true
runs-on: docker runs-on: docker
steps: steps:
- run: curl -L -o jq https://github.com/jqlang/jq/releases/latest/download/jq-linux-amd64 && chmod a+x ./jq - run: curl -L -o jq https://github.com/jqlang/jq/releases/latest/download/jq-linux-amd64 && chmod a+x ./jq
- run: curl -L -o jwt-linux.tar.gz https://github.com/mike-engel/jwt-cli/releases/download/6.2.0/jwt-linux-musl.tar.gz && tar -xvzf ./jwt-linux.tar.gz && chmod a+x ./jwt - run: curl -L -o jwt-linux.tar.gz https://github.com/mike-engel/jwt-cli/releases/download/${{ env.JWT_CLI_VERSION }}/jwt-linux-musl.tar.gz && tar -xvzf ./jwt-linux.tar.gz && chmod a+x ./jwt
- name: validate token generation works - name: validate token generation works
run: | run: |
RAW_JWT=$(curl -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=exampleAudience" | ./jq -r ".value") RAW_JWT=$(curl -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=exampleAudience" | ./jq -r ".value")
@ -53,7 +57,7 @@ jobs:
exit 1 exit 1
fi fi
if [[ "$SUB" != "repo:root/example-id-tokens:ref:refs/head/master" ]]; then if [[ "$SUB" != "repo:root/example-id-tokens:ref:refs/head/master" ]]; then
echo "Error: SUB should be repo:root/example-id-tokens:ref:refs/head/master but is $SUB" echo "Error: SUB should be repo:root/example-id-tokens:ref:refs/head/main but is $SUB"
exit 1 exit 1
fi fi
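Review bot: The `sub` check in the second hunk compares against one ref and reports another: as rendered, the `if [[ "$SUB" != ... ]]` line still expects `repo:root/example-id-tokens:ref:refs/head/master` on the new side, while the `echo` below it now names `refs/head/main`. If `main` is the intended branch, the condition needs the same change, `if [[ "$SUB" != "repo:root/example-id-tokens:ref:refs/head/main" ]]; then`; otherwise the job either fails on a correct token or reports a misleading expected value. Holding the expected subject in one shell variable used by both lines would keep them from drifting apart again. The singular `refs/head/` also differs from git's usual `refs/heads/` namespace, so it is worth confirming against what the issuer actually emits, since `sub` is the claim relying parties match their trust policies on. The enclosing `run:` script starts outside this hunk.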