Skip to main content

Synopsis

Report a Github pull request attestation to an artifact or a trail in a Kosli flow.
It checks if a pull request exists for a given merge commit and reports the pull-request attestation to Kosli.
The attestation can be bound to a trail using the trail name. The attestation can be bound to an artifact in two ways:
  • using the artifact’s SHA256 fingerprint which is calculated (based on the --artifact-type flag and the artifact name/path argument) or can be provided directly (with the --fingerprint flag).
  • using the artifact’s name in the flow yaml template and the git commit from which the artifact is/will be created. Useful when reporting an attestation before creating/reporting the artifact.

Flags

Flags inherited from parent commands

Live Examples in different CI systems

View an example of the kosli attest pullrequest github command in GitHub.In this YAML file, which created this Kosli Event.

Examples Use Cases

These examples all assume that the flags --api-token, --org, --host, (and --flow, --trail when required), are set/provided.
Last modified on June 18, 2026