From ff97121ee87892ed25a10f0ccd2b4c4478a769e6 Mon Sep 17 00:00:00 2001
From: Josh Johanning <joshjohanning@github.com>
Date: Thu, 7 Nov 2024 08:51:58 -0600
Subject: [PATCH] Create blank.yml

---
 .github/workflows/blank.yml | 61 +++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 .github/workflows/blank.yml

diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml
new file mode 100644
index 0000000..a8a74a6
--- /dev/null
+++ b/.github/workflows/blank.yml
@@ -0,0 +1,61 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the "main" branch
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+#---------------------------------------#
+
+  print-oidc-token:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write # this is needed for oidc
+      contents: read # this is needed to clone repo
+    steps:
+
+    # debug using the action
+    - name: Debug OIDC Claims
+      uses: github/actions-oidc-debugger@main
+      with:
+        audience: '${{ github.server_url }}/${{ github.repository_owner }}'
+        
+    # print oidc token claims manually
+    - name: print oidc token claims
+      run: |
+          IDTOKEN=$(curl -s -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL" -H "Accept: application/json; api-version=2.0" -H "Content-Type: application/json"  | jq -r '.value')
+          jwtd() {
+            if [[ -x $(command -v jq) ]]; then
+                jq -R 'split(".") | .[1] | @base64d | fromjson' <<< "${1}" > jwt_claims.json
+                cat jwt_claims.json
+                echo ${{ env.ACTIONS_ID_TOKEN_REQUEST_URL}} 
+            fi
+          }
+          jwtd $IDTOKEN
+    - name: print runner context
+      env:
+          RUNNER_CONTEXT: ${{ toJson(runner) }}
+      run: |
+          echo "$RUNNER_CONTEXT"
+    - name: print github context
+      env:
+          GITHUB_CONTEXT: ${{ toJson(github) }}
+      run: |
+          echo "$GITHUB_CONTEXT"
+    - name: print additional claims added to actions runtime environment
+      run: |
+          echo "ACTOR_ID: $GITHUB_ACTOR_ID"
+          echo "REPOSITORY_ID: $GITHUB_REPOSITORY_ID"
+          echo "REPOSITORY_OWNER_ID: $GITHUB_REPOSITORY_OWNER_ID"
+          echo "WORKFLOW_REF: $GITHUB_WORKFLOW_REF"
+          echo "WORKFLOW_SHA: $GITHUB_WORKFLOW_SHA"