2727 - uses : actions/checkout@v3
2828 - name : install
2929 run : python -m pip install .
30- -
uses :
trailofbits/[email protected] .4 30+ -
uses :
trailofbits/[email protected] .5 3131 with :
3232 inputs : file.txt
3333` ` `
@@ -55,15 +55,15 @@ provided.
5555To sign one or more files :
5656
5757` ` ` yaml
58- - uses: trailofbits/[email protected] .4 58+ - uses: trailofbits/[email protected] .5 5959 with:
6060 inputs: file0.txt file1.txt file2.txt
6161` ` `
6262
6363The `inputs` argument also supports file globbing :
6464
6565` ` ` yaml
66- - uses: trailofbits/[email protected] .4 66+ - uses: trailofbits/[email protected] .5 6767 with:
6868 inputs: ./path/to/inputs/*.txt
6969` ` `
@@ -78,7 +78,7 @@ Server during OAuth2.
7878Example :
7979
8080` ` ` yaml
81- - uses: trailofbits/[email protected] .4 81+ - uses: trailofbits/[email protected] .5 8282 with:
8383 inputs: file.txt
8484 oidc-client-id: alternative-sigstore-id
@@ -94,7 +94,7 @@ Connect Server during OAuth2.
9494Example :
9595
9696` ` ` yaml
97- - uses: trailofbits/[email protected] .4 97+ - uses: trailofbits/[email protected] .5 9898 with:
9999 inputs: file.txt
100100 oidc-client-secret: alternative-sigstore-secret
@@ -113,7 +113,7 @@ These output files are necessary for verification so turning this setting on wil
113113Example :
114114
115115` ` ` yaml
116- - uses: trailofbits/[email protected] .4 116+ - uses: trailofbits/[email protected] .5 117117 with:
118118 inputs: file.txt
119119 no-default-files: true
@@ -129,7 +129,7 @@ when signing multiple input files.
129129Example :
130130
131131` ` ` yaml
132- - uses: trailofbits/[email protected] .4 132+ - uses: trailofbits/[email protected] .5 133133 with:
134134 inputs: file.txt
135135 signature: custom-signature-filename.sig
@@ -138,7 +138,7 @@ Example:
138138However, this example is invalid :
139139
140140` ` ` yaml
141- - uses: trailofbits/[email protected] .4 141+ - uses: trailofbits/[email protected] .5 142142 with:
143143 inputs: file0.txt file1.txt file2.txt
144144 signature: custom-signature-filename.sig
@@ -154,7 +154,7 @@ work when signing multiple input files.
154154Example :
155155
156156` ` ` yaml
157- - uses: trailofbits/[email protected] .4 157+ - uses: trailofbits/[email protected] .5 158158 with:
159159 inputs: file.txt
160160 certificate: custom-certificate-filename.crt
@@ -163,7 +163,7 @@ Example:
163163However, this example is invalid :
164164
165165` ` ` yaml
166- - uses: trailofbits/[email protected] .4 166+ - uses: trailofbits/[email protected] .5 167167 with:
168168 inputs: file0.txt file1.txt file2.txt
169169 certificate: custom-certificate-filename.crt
@@ -179,7 +179,7 @@ overwritten.
179179Example :
180180
181181` ` ` yaml
182- - uses: trailofbits/[email protected] .4 182+ - uses: trailofbits/[email protected] .5 183183 with:
184184 inputs: file.txt
185185 overwrite: true
@@ -195,7 +195,7 @@ from. This setting cannot be used in combination with the `staging` setting.
195195Example :
196196
197197` ` ` yaml
198- - uses: trailofbits/[email protected] .4 198+ - uses: trailofbits/[email protected] .5 199199 with:
200200 inputs: file.txt
201201 fulcio-url: https://fulcio.sigstage.dev
@@ -211,7 +211,7 @@ cannot be used in combination with the `staging` setting.
211211Example :
212212
213213` ` ` yaml
214- - uses: trailofbits/[email protected] .4 214+ - uses: trailofbits/[email protected] .5 215215 with:
216216 inputs: file.txt
217217 rekor-url: https://rekor.sigstage.dev
@@ -227,7 +227,7 @@ in combination with the `staging` setting.
227227Example :
228228
229229` ` ` yaml
230- - uses: trailofbits/[email protected] .4 230+ - uses: trailofbits/[email protected] .5 231231 with:
232232 inputs: file.txt
233233 ctfe: ./path/to/ctfe.pub
@@ -243,7 +243,7 @@ be used in combination with `staging` setting.
243243Example :
244244
245245` ` ` yaml
246- - uses: trailofbits/[email protected] .4 246+ - uses: trailofbits/[email protected] .5 247247 with:
248248 inputs: file.txt
249249 ctfe: ./path/to/rekor.pub
@@ -260,7 +260,7 @@ checked to ensure that it matches.
260260Example :
261261
262262` ` ` yaml
263- - uses: trailofbits/[email protected] .4 263+ - uses: trailofbits/[email protected] .5 264264 with:
265265 inputs: file.txt
266266 oidc-issuer: https://oauth2.sigstage.dev/auth
@@ -276,7 +276,7 @@ instead of the default production instances.
276276Example :
277277
278278` ` ` yaml
279- - uses: trailofbits/[email protected] .4 279+ - uses: trailofbits/[email protected] .5 280280 with:
281281 inputs: file.txt
282282 staging: true
@@ -296,7 +296,7 @@ generated properly and the signature was properly submitted to Rekor.
296296Example :
297297
298298` ` ` yaml
299- - uses: trailofbits/[email protected] .4 299+ - uses: trailofbits/[email protected] .5 300300 with:
301301 inputs: file.txt
302302 verify: false
@@ -313,7 +313,7 @@ certificate's SAN against the provided value.
313313This setting only applies if `verify` is set to `true`.
314314
315315` ` ` yaml
316- - uses: trailofbits/[email protected] .4 316+ - uses: trailofbits/[email protected] .5 317317 with:
318318 inputs: file.txt
319319 verify-cert-email: [email protected] @@ -333,7 +333,7 @@ workflow artifact retention period is used.
333333Example :
334334
335335` ` ` yaml
336- - uses: trailofbits/[email protected] .4 336+ - uses: trailofbits/[email protected] .5 337337 with:
338338 inputs: file.txt
339339 upload-signing-artifacts: true
@@ -358,7 +358,7 @@ permissions:
358358
359359# ...
360360
361- - uses: trailofbits/[email protected] .4 361+ - uses: trailofbits/[email protected] .5 362362 with:
363363 inputs: file.txt
364364 release-signing-artifacts: true
@@ -385,7 +385,7 @@ permissions:
385385 Example :
386386
387387 ` ` ` yaml
388- - uses: trailofbits/[email protected] .4 388+ - uses: trailofbits/[email protected] .5 389389 with:
390390 inputs: file.txt
391391 internal-be-careful-debug: true
0 commit comments