docker
diff --git a/‎dist/index.js
Lines changed: 4 additions & 4 deletions b/‎dist/index.js
Lines changed: 4 additions & 4 deletions
diff --git a/‎dist/index.js.map
Lines changed: 1 addition & 1 deletion b/‎dist/index.js.map
Lines changed: 1 addition & 1 deletion
diff --git a/‎dist/licenses.txt
Lines changed: 25 additions & 0 deletions b/‎dist/licenses.txt
Lines changed: 25 additions & 0 deletions
diff --git a/‎package.json
Lines changed: 1 addition & 0 deletions b/‎package.json
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/github.ts
Lines changed: 9 additions & 0 deletions b/‎src/github.ts
Lines changed: 9 additions & 0 deletions
diff --git a/‎src/main.ts
Lines changed: 10 additions & 0 deletions b/‎src/main.ts
Lines changed: 10 additions & 0 deletions
diff --git a/‎yarn.lock
Lines changed: 5 additions & 0 deletions b/‎yarn.lock
Lines changed: 5 additions & 0 deletions
@@ -33,6 +33,7 @@
     "@actions/github": "^5.1.1",
     "csv-parse": "^5.3.3",
     "handlebars": "^4.7.7",
+    "jwt-decode": "^3.1.2",
     "semver": "^7.3.7",
     "tmp": "^0.2.1"
   },
 
@@ -0,0 +1,9 @@
+import jwt_decode, {JwtPayload} from 'jwt-decode';
+
+interface Jwt extends JwtPayload {
+  ac?: string;
+}
+
+export const parseRuntimeToken = (token: string): Jwt => {
+  return jwt_decode<Jwt>(token);
+};
@@ -2,6 +2,7 @@ import * as fs from 'fs';
 import * as buildx from './buildx';
 import * as context from './context';
 import * as docker from './docker';
+import * as github from './github';
 import * as stateHelper from './state-helper';
 import * as core from '@actions/core';
 import * as exec from '@actions/exec';
@@ -14,6 +15,15 @@ async function run(): Promise<void> {
     // standalone if docker cli not available
     const standalone = !(await docker.isAvailable());
 
+    await core.group(`GitHub Actions runtime token access controls`, async () => {
+      const actionsRuntimeToken = process.env['ACTIONS_RUNTIME_TOKEN'];
+      if (actionsRuntimeToken) {
+        core.info(JSON.stringify(JSON.parse(github.parseRuntimeToken(actionsRuntimeToken).ac as string), undefined, 2));
+      } else {
+        core.info(`ACTIONS_RUNTIME_TOKEN not set`);
+      }
+    });
+
     core.startGroup(`Docker info`);
     if (standalone) {
       core.info(`Docker info skipped in standalone mode`);
 
@@ -2828,6 +2828,11 @@ json5@2.x, json5@^2.1.2:
   resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283"
   integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==
 
+jwt-decode@^3.1.2:
+  version "3.1.2"
+  resolved "https://registry.yarnpkg.com/jwt-decode/-/jwt-decode-3.1.2.tgz#3fb319f3675a2df0c2895c8f5e9fa4b67b04ed59"
+  integrity sha512-UfpWE/VZn0iP50d8cz9NrZLM9lSWhcJ+0Gt/nm4by88UL+J1SiKN8/5dkjMmbEzwL2CAe+67GsegCbIKtbp75A==
+
 kleur@^3.0.3:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/kleur/-/kleur-3.0.3.tgz#a79c9ecc86ee1ce3fa6206d1216c501f147fc07e"