Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add GitHub OIDC Token into GITHUB_TOKEN for signing images #2504

Merged
merged 2 commits into from
Jan 24, 2022
Merged

Add GitHub OIDC Token into GITHUB_TOKEN for signing images #2504

merged 2 commits into from
Jan 24, 2022

Conversation

JorTurFer
Copy link
Member

@JorTurFer JorTurFer commented Jan 21, 2022
edited
Loading

Signed-off-by: jorturfer jorge_turrado@hotmail.es

For being able to sign the images with the token, we should specify the requirement of GitHub OIDC Token in GITHUB_TOKEN. This pushes to add all the needed permission because once you request 1, you have to specify all of them.
Instead of adding all available permissions in the token, I added those I think we use, but please review it

Checklist

  • Commits are signed with Developer Certificate of Origin (DCO - learn more)
  • Tests have been added
  • A PR is opened to update our Helm chart (repo) (if applicable, ie. when deployment manifests are modified)
  • A PR is opened to update the documentation on (repo) (if applicable)
  • Changelog has been updated

Related #2501 #2502
Fixes #2386

@JorTurFer
Add GitHub OIDC Token into GITHUB_TOKEN
7db81e4 
Signed-off-by: jorturfer <jorge_turrado@hotmail.es>
@JorTurFer JorTurFer requested a review from a team as a code owner January 21, 2022 20:31
@JorTurFer
Update changelog
f33328d 
Signed-off-by: jorturfer <jorge_turrado@hotmail.es>
@zroubalik zroubalik merged commit a47a943 into kedacore:main Jan 24, 2022
@JorTurFer JorTurFer deleted the sign_main branch January 24, 2022 10:55
markrzasa pushed a commit to markrzasa/keda that referenced this pull request Jan 27, 2022
@JorTurFer @markrzasa
Add GitHub OIDC Token into GITHUB_TOKEN for signing images (kedacore#…
5f99487 
…2504)

Signed-off-by: jorturfer <jorge_turrado@hotmail.es>
Signed-off-by: Mark Rzasa <mark.rzasa@gmail.com>
markrzasa pushed a commit to markrzasa/keda that referenced this pull request Jan 27, 2022
@JorTurFer @markrzasa
Add GitHub OIDC Token into GITHUB_TOKEN for signing images (kedacore#…
bdb3356 
…2504)

Signed-off-by: jorturfer <jorge_turrado@hotmail.es>
Signed-off-by: Mark Rzasa <mark.rzasa@gmail.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@zroubalik zroubalik zroubalik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add container image signing to released images
2 participants
@JorTurFer @zroubalik