Protected against expected Artifactory JSON

philwebb · philwebb · commit 5807fa784de4 · 2025-05-05T11:41:40.000-07:00
Update curl command to Artifactory to ensure that the response JSON has at least one expected field. Prior to this commit, it was possible for Artifactory to return an HTTP 200 response with a failure JSON payload of the form: {"message":"RBv2 spring:spring-release-bundles-v2/<redacted> was not found","status_code":404} We now pipe `curl` output to `jq` and use that to ensure at least one expected field is present. Closes gh-44813
diff --git a/.github/workflows/distribute.yml b/.github/workflows/distribute.yml
@@ -26,7 +26,8 @@ jobs:
           curl -s -u "${{ secrets.COMMERCIAL_ARTIFACTORY_USERNAME }}:${{ secrets.COMMERCIAL_ARTIFACTORY_PASSWORD }}" \
             -X POST -H "X-JFrog-Signing-Key-Name: packagesKey" -H "Content-Type: application/json" \
             "https://usw1.packages.broadcom.com/lifecycle/api/v2/release_bundle?project=spring" \
-            -d '{"release_bundle_name": "TNZ-spring-boot-commercial", "release_bundle_version": "${{ inputs.version }}", "skip_docker_manifest_resolution": true, "source_type": "builds", "source": {"builds": [ {"build_repository": "spring-build-info", "build_name": "spring-boot-commercial-${{ inputs.version }}", "build_number": "${{ inputs.build-number }}", "include_dependencies": false}]}}'
+            -d '{"release_bundle_name": "TNZ-spring-boot-commercial", "release_bundle_version": "${{ inputs.version }}", "skip_docker_manifest_resolution": true, "source_type": "builds", "source": {"builds": [ {"build_repository": "spring-build-info", "build_name": "spring-boot-commercial-${{ inputs.version }}", "build_number": "${{ inputs.build-number }}", "include_dependencies": false}]}}' | \
+            jq -e 'if has("repository_key") then . else halt_error end'
       - name: Sleep
         if: ${{ vars.COMMERCIAL && inputs.create-bundle }}
         shell: bash
@@ -38,4 +39,5 @@ jobs:
           curl -s -u "${{ secrets.COMMERCIAL_ARTIFACTORY_USERNAME }}:${{ secrets.COMMERCIAL_ARTIFACTORY_PASSWORD }}" \
             -X POST -H "Content-Type: application/json" \
             "https://usw1.packages.broadcom.com/lifecycle/api/v2/distribution/distribute/TNZ-spring-boot-commercial/${{ inputs.version }}?project=spring" \
-            -d '{"auto_create_missing_repositories": "false", "distribution_rules": [{"site_name": "JP-SaaS"}], "modifications": {"mappings": [{"input": "spring-enterprise-maven-prod-local/(.*)", "output": "spring-enterprise/$1"}]}}'
+            -d '{"auto_create_missing_repositories": "false", "distribution_rules": [{"site_name": "JP-SaaS"}], "modifications": {"mappings": [{"input": "spring-enterprise-maven-prod-local/(.*)", "output": "spring-enterprise/$1"}]}}' | \
+            jq -e 'if has("id") then . else halt_error end'
