Merge pull request #1714 from actions/bdehamer/attest-no-make-fetch-h…

…appen

(@actions/attest) remove dep on make-fetch-happen

packages/attest/RELEASES.md

@@ -5,6 +5,7 @@
 - Generate attestations using the v0.3 Sigstore bundle format.
 - Bump @sigstore/bundle from 2.2.0 to 2.3.0.
 - Bump @sigstore/sign from 2.2.3 to 2.3.0.
+- Remove dependency on make-fetch-happen
 
 ### 1.1.0
 

packages/attest/__tests__/provenance.test.ts

@@ -2,6 +2,7 @@ import * as github from '@actions/github'
 import {mockFulcio, mockRekor, mockTSA} from '@sigstore/mock'
 import * as jose from 'jose'
 import nock from 'nock'
+import {MockAgent, setGlobalDispatcher} from 'undici'
 import {SIGSTORE_GITHUB, SIGSTORE_PUBLIC_GOOD} from '../src/endpoints'
 import {attestProvenance, buildSLSAProvenancePredicate} from '../src/provenance'
 
@@ -12,6 +13,10 @@ describe('provenance functions', () => {
   const jwksPath = '/.well-known/jwks.json'
   const tokenPath = '/token'
 
+  // MockAgent for mocking @actions/github
+  const mockAgent = new MockAgent()
+  setGlobalDispatcher(mockAgent)
+
   const claims = {
     iss: issuer,
     aud: 'nobody',
@@ -97,9 +102,12 @@ describe('provenance functions', () => {
         await mockFulcio({baseURL: fulcioURL, strict: false})
         await mockTSA({baseURL: tsaServerURL})
 
-        // Mock GH attestations API
-        nock('https://api.github.com')
-          .post(/^\/repos\/.*\/.*\/attestations$/)
+        mockAgent
+          .get('https://api.github.com')
+          .intercept({
+            path: /^\/repos\/.*\/.*\/attestations$/,
+            method: 'post'
+          })
           .reply(201, {id: attestationID})
       })
 
@@ -159,8 +167,12 @@ describe('provenance functions', () => {
         await mockRekor({baseURL: rekorURL})
 
         // Mock GH attestations API
-        nock('https://api.github.com')
-          .post(/^\/repos\/.*\/.*\/attestations$/)
+        mockAgent
+          .get('https://api.github.com')
+          .intercept({
+            path: /^\/repos\/.*\/.*\/attestations$/,
+            method: 'post'
+          })
           .reply(201, {id: attestationID})
       })
 

packages/attest/__tests__/store.test.ts

@@ -1,11 +1,14 @@
-import nock from 'nock'
+import {MockAgent, setGlobalDispatcher} from 'undici'
 import {writeAttestation} from '../src/store'
 
 describe('writeAttestation', () => {
   const originalEnv = process.env
   const attestation = {foo: 'bar '}
   const token = 'token'
 
+  const mockAgent = new MockAgent()
+  setGlobalDispatcher(mockAgent)
+
   beforeEach(() => {
     process.env = {
       ...originalEnv,
@@ -19,9 +22,14 @@ describe('writeAttestation', () => {
 
   describe('when the api call is successful', () => {
     beforeEach(() => {
-      nock('https://api.github.com')
-        .matchHeader('authorization', `token ${token}`)
-        .post('/repos/foo/bar/attestations', {bundle: attestation})
+      mockAgent
+        .get('https://api.github.com')
+        .intercept({
+          path: '/repos/foo/bar/attestations',
+          method: 'POST',
+          headers: {authorization: `token ${token}`},
+          body: JSON.stringify({bundle: attestation})
+        })
         .reply(201, {id: '123'})
     })
 
@@ -32,9 +40,14 @@ describe('writeAttestation', () => {
 
   describe('when the api call fails', () => {
     beforeEach(() => {
-      nock('https://api.github.com')
-        .matchHeader('authorization', `token ${token}`)
-        .post('/repos/foo/bar/attestations', {bundle: attestation})
+      mockAgent
+        .get('https://api.github.com')
+        .intercept({
+          path: '/repos/foo/bar/attestations',
+          method: 'POST',
+          headers: {authorization: `token ${token}`},
+          body: JSON.stringify({bundle: attestation})
+        })
         .reply(500, 'oops')
     })