Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sign releases with ambient credentials via Github Actions #60

Merged
merged 6 commits into from
Apr 30, 2022
Merged

Sign releases with ambient credentials via Github Actions #60

merged 6 commits into from
Apr 30, 2022

Conversation

tetsuo-cpp
Copy link
Contributor

Summary

This change hooks up the ambient credential detection to the CLI and uses it to sign releases in Github Actions.

Ticket Link

See #31. Does not close, since other detectors are needed.

@tetsuo-cpp
Copy link
Contributor Author

I'm testing this via another branch. I'll add a job to sign the LICENSE file and see if that works ok.

@tetsuo-cpp
Specify audience
dc0c231 
Signed-off-by: Alex Cameron <[email protected]>
@tetsuo-cpp tetsuo-cpp force-pushed the alex/use-ambient-credentials branch from 8473895 to dc0c231 Compare April 30, 2022 02:13
@tetsuo-cpp
Fix ambient unit tests
0729b9e 
Signed-off-by: Alex Cameron <[email protected]>
@tetsuo-cpp
Copy link
Contributor Author

If you're interested in seeing this in action, head over to #61 and have a look at the "sign" check I added.

It essentially just runs: sigstore sign LICENSE.

@tetsuo-cpp tetsuo-cpp requested review from woodruffw and di April 30, 2022 02:20
di
di reviewed Apr 30, 2022
View reviewed changes
sigstore/_cli.py Outdated Show resolved Hide resolved
di
di previously approved these changes Apr 30, 2022
View reviewed changes
Copy link
Member

@di di left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with just one small nit!

@woodruffw woodruffw merged commit 46715c4 into main Apr 30, 2022
@woodruffw woodruffw deleted the alex/use-ambient-credentials branch April 30, 2022 06:16
javanlacerda pushed a commit to javanlacerda/sigstore-python that referenced this pull request Feb 23, 2024
@tetsuo-cpp @woodruffw
Support conformance testing on third-party PRs (sigstore#60)
7904103 
* Support conformance testing on third-party PRs

Signed-off-by: Alex Cameron <[email protected]>

* README: Provide guidance on how to safely run conformance testing in
pull requests

Signed-off-by: Alex Cameron <[email protected]>

* README: formatting

Signed-off-by: William Woodruff <[email protected]>

Signed-off-by: Alex Cameron <[email protected]>
Signed-off-by: William Woodruff <[email protected]>
Co-authored-by: William Woodruff <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@woodruffw woodruffw woodruffw approved these changes

@di di di left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tetsuo-cpp @di @woodruffw