Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

action: remove old output settings #146

Merged
merged 2 commits into from
Jul 9, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 0 additions & 22 deletions .github/workflows/selftest.yml
Original file line number Diff line number Diff line change
Expand Up @@ -256,27 +256,6 @@ jobs:
[[ -f ./artifact.txt.sigstore.json ]] || exit 1
working-directory: ./test/uploaded

selftest-custom-paths:
runs-on: ubuntu-latest
if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
steps:
- uses: actions/checkout@v4
- name: Sign artifact and publish signature
uses: ./
id: sigstore-python
with:
inputs: ./test/artifact.txt
signature: ./test/custom_signature.sig
certificate: ./test/custom_certificate.crt
bundle: ./test/custom_bundle.sigstore
staging: true
internal-be-careful-debug: true
- name: Check outputs
run: |
[[ -f ./test/custom_signature.sig ]] || exit 1
[[ -f ./test/custom_certificate.crt ]] || exit 1
[[ -f ./test/custom_bundle.sigstore ]] || exit 1

selftest-verify:
runs-on: ubuntu-latest
if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
Expand Down Expand Up @@ -376,7 +355,6 @@ jobs:
- selftest-glob
- selftest-glob-multiple
- selftest-upload-artifacts
- selftest-custom-paths
- selftest-verify
- selftest-xfail-verify-missing-options
- selftest-identity-token
Expand Down
75 changes: 0 additions & 75 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -128,81 +128,6 @@ Example:
oidc-client-secret: alternative-sigstore-secret
```

### `signature`

**Default**: Empty (signature files will get named as `{input}.sig`)

The `signature` setting controls the name of the output signature file. This setting does not work
when signing multiple input files.

Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: file.txt
signature: custom-signature-filename.sig
```

However, this example is invalid:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: file0.txt file1.txt file2.txt
signature: custom-signature-filename.sig
```

### `certificate`

**Default**: Empty (certificate files will get named as `{input}.crt`)

The `certificate` setting controls the name of the output certificate file. This setting does not
work when signing multiple input files.

Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: file.txt
certificate: custom-certificate-filename.crt
```

However, this example is invalid:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: file0.txt file1.txt file2.txt
certificate: custom-certificate-filename.crt
```

### `bundle`

**Default**: Empty (bundle files will get named as `{input}.sigstore`)

The `bundle` setting controls the name of the output Sigstore bundle. This setting does not work
when signing multiple input files.

Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: file.txt
bundle: custom-bundle.sigstore
```

However, this example is invalid:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.1.1
with:
inputs: file0.txt file1.txt file2.txt
certificate: custom-bundle.sigstore
```

### `staging`

**Default**: `false`
Expand Down
18 changes: 0 additions & 18 deletions action.py
Original file line number Diff line number Diff line change
Expand Up @@ -146,24 +146,6 @@ def _fatal_help(msg):
if client_secret:
sigstore_sign_args.extend(["--oidc-client-secret", client_secret])

signature = os.getenv("GHA_SIGSTORE_PYTHON_SIGNATURE")
if signature:
sigstore_sign_args.extend(["--signature", signature])
sigstore_verify_args.extend(["--signature", signature])
signing_artifact_paths.append(signature)

certificate = os.getenv("GHA_SIGSTORE_PYTHON_CERTIFICATE")
if certificate:
sigstore_sign_args.extend(["--certificate", certificate])
sigstore_verify_args.extend(["--certificate", certificate])
signing_artifact_paths.append(certificate)

bundle = os.getenv("GHA_SIGSTORE_PYTHON_BUNDLE")
if bundle:
sigstore_sign_args.extend(["--bundle", bundle])
sigstore_verify_args.extend(["--bundle", bundle])
signing_artifact_paths.append(bundle)

if os.getenv("GHA_SIGSTORE_PYTHON_STAGING", "false") != "false":
sigstore_global_args.append("--staging")

Expand Down
15 changes: 0 additions & 15 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,18 +32,6 @@ inputs:
description: "the custom OpenID Connect client secret to use during OAuth2"
required: false
default: ""
signature:
description: "write a single signature to the given file; does not work with multiple input files"
required: false
default: ""
certificate:
description: "write a single certificate to the given file; does not work with multiple input files"
required: false
default: ""
bundle:
description: "write a single Sigstore bundle to the given file; does not work with multiple input files"
required: false
default: ""
staging:
description: "use sigstore's staging instances, instead of the default production instances"
required: false
Expand Down Expand Up @@ -102,9 +90,6 @@ runs:
PYTHONUTF8: "1"
VENV_PYTHON_PATH: "${{ steps.setup.outputs.venv-python-path }}"
GHA_SIGSTORE_PYTHON_IDENTITY_TOKEN: "${{ inputs.identity-token }}"
GHA_SIGSTORE_PYTHON_SIGNATURE: "${{ inputs.signature }}"
GHA_SIGSTORE_PYTHON_CERTIFICATE: "${{ inputs.certificate }}"
GHA_SIGSTORE_PYTHON_BUNDLE: "${{ inputs.bundle }}"
GHA_SIGSTORE_PYTHON_OIDC_CLIENT_ID: "${{ inputs.oidc-client-id }}"
GHA_SIGSTORE_PYTHON_OIDC_CLIENT_SECRET: "${{ inputs.oidc-client-secret }}"
GHA_SIGSTORE_PYTHON_STAGING: "${{ inputs.staging }}"
Expand Down
Loading