-
-
Notifications
You must be signed in to change notification settings - Fork 933
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trusted Publishing with reusable workflow #4294
Comments
https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows#how-the-token-works-with-reusable-workflows dropping this here for my future reference. |
Another possibly useful cross-reference: pypi/warehouse#11096 |
@ybiquitous there's some work we'd have to do here to support re-usable workflows outside of the calling repository. Likely this will involve an extra (optional) input field for the reusable workflow, and the existing field will continue to refer to the calling (top-level) workflow (and be the |
I'm okay if reusable workflows are supported. 👌🏼 |
(Please tell me a different place if my question is inappropriate 🙏🏼 )
First, my try in the suggested way by the RubyGems document was successful! 🎉
(For details, see my repo's Actions log)
However, my try through a reusable workflow failed, unfortunately. I'm not sure about the failure cause, but
rubygems/configure-rubygems-credentials
failed with the following error:See also the failure Actions log.
Here's a part of my Actions workflow settings:
For the sharable workflow code, see https://github.com/ybiquitous/.github/pull/31/files.
In short, is Trusted Publishing unsupported in a sharable workflow?
Last, this feature is fantastic! Thanks a lot. 👏🏼
Originally posted by @ybiquitous in #4285 (comment)
The text was updated successfully, but these errors were encountered: