Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SNOW-685438: Sign Nuget artifacts before release #1001

Merged

Conversation

sfc-gh-anavalos
Copy link
Contributor

@sfc-gh-anavalos sfc-gh-anavalos commented Jul 31, 2024

Description

Signing artifacts right after they are built with Cosign. The signature files will be added to the release tag.
The signing process follow the next steps:

  • Download the signing script from S3
    • Generates random password
    • Generates key pairs
    • Sign artifacts
    • Verify signature
    • Copy signature files (public key and sig files).
    • Delete signature files(public key, private key, and sig files).

Checklist

  • Code compiles correctly
  • Code is formatted according to Coding Conventions
  • Created tests which fail without the change (if possible)
  • All tests passing (dotnet test)
  • Extended the README / documentation, if necessary
  • Provide JIRA issue id (if possible) or GitHub issue id in PR name

Copy link

codecov bot commented Jul 31, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 85.59%. Comparing base (18f495a) to head (5d9b61b).

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1001      +/-   ##
==========================================
- Coverage   85.68%   85.59%   -0.09%     
==========================================
  Files         106      106              
  Lines       10777    10777              
  Branches     1032     1032              
==========================================
- Hits         9234     9225       -9     
- Misses       1295     1304       +9     
  Partials      248      248              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@sfc-gh-anavalos sfc-gh-anavalos marked this pull request as ready for review August 6, 2024 14:45
@sfc-gh-anavalos sfc-gh-anavalos requested a review from a team as a code owner August 6, 2024 14:45
Copy link

@sfc-gh-eraigosa sfc-gh-eraigosa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Collaborator

@sfc-gh-kdama sfc-gh-kdama left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

deploy.bat Outdated Show resolved Hide resolved
@sfc-gh-anavalos sfc-gh-anavalos merged commit 3707fa0 into master Aug 8, 2024
47 of 52 checks passed
@sfc-gh-anavalos sfc-gh-anavalos deleted the sfc-gh-anavalos-sign-artifacts-before-publish branch August 8, 2024 21:12
@github-actions github-actions bot locked and limited conversation to collaborators Aug 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants