-
Notifications
You must be signed in to change notification settings - Fork 286
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci(release): add sigstore npm integration through --provenance #3622
base: main
Are you sure you want to change the base?
ci(release): add sigstore npm integration through --provenance #3622
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@adrianbatuto Thank you! Could you please confirm that you've published the packages on the screenshots with the .github/workflows/all-nodejs-packages-publish.yaml
workflow and not the other one?
If no, then please double check that the mentioned workflow is working as well and then pass it back for review!
@petermetz, I was also able to publish with provenance using all-nodejs-packages-publish.yaml. https://github.com/adrianbatuto/cacti/actions/runs/11801663866 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@adrianbatuto Thank you for confirming, in that case we are good to go from my side!
@hyperledger-cacti/cacti-maintainers requesting review on this PR |
Primary Changes ---------------- 1. Added provenance config to the publish workflows. Fixes hyperledger-cacti#2623 Signed-off-by: adrianbatuto <[email protected]>
d2bce94
to
0e1037c
Compare
Commit to be reviewed
ci(release): add sigstore npm integration through --provenance
Fixes #2623
Pull Request Requirements
upstream/main
branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why.-s
flag when usinggit commit
command. You may refer to this link for more information.Character Limit
A Must Read for Beginners
For rebasing and squashing, here's a must read guide for beginners.