Ability to bulk create trusted publishers #4309
Comments
|
@segiddins any plans on trusted publishers API? |
|
Yup, we can set up an API. It'll probably necessitate adding a new API scope, and also ensuring MFA is given. |
|
Done in #4690 |
|
Thanks for implementing this. Is there any documentation on how to use this? |
|
I don't believe so, but it appears https://guides.rubygems.org/rubygems-org-api/ would be a good place to add an entry! |
|
That is indeed the first place I looked. From reading
And for So the rubygems.org/app/models/oidc/trusted_publisher/github_action.rb Lines 38 to 40 in 55c07ac So (also based on reading the tests and output) to create it the payload is: {
"trusted_publisher_type": "OIDC::TrustedPublisher::GitHubAction",
"trusted_publisher": {
"repository_owner": "$owner",
"repository_name": "$repo_name",
"workflow_filename": "$filename",
"environment": "$env"
}
} |
Somehow this always returns an empty list. I have tried an API key with the "Index Rubygems" and "Configure Trusted Publishers" permissions.
Based on testing I can confirm this works to create a publisher.
Because listing doesn't work I didn't try this out yet.
Nor this one. |
Is your feature request related to a problem?
As an admin of both Vox Pupuli and The Foreman I'm responsible for a sizeable number of gems. Clicking through the UI is tedious and error prone, so I'd like some programmatic way to set up in bulk.
Describe the solution you'd like
A way to both set up trusted publishing and verify it is indeed set up in a programmatic way.
Perhaps via the
gemapplication, similar to howgem ownerallows managing the owner. That allows me to use shell scripts in a loop. Only a REST API would be a good start.The text was updated successfully, but these errors were encountered: