New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Regression in signature verification for git tags #12797
Conversation
Signed-off-by: jannfis <jann@mistrust.net>
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #12797 +/- ##
=========================================
Coverage ? 47.77%
=========================================
Files ? 246
Lines ? 41986
Branches ? 0
=========================================
Hits ? 20058
Misses ? 19929
Partials ? 1999
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
/cherry-pick release-2.4 |
/cherry-pick release-2.5 |
/cherry-pick release-2.6 |
@crenshaw-dev bump :) |
/cherry-pick release-2.7 |
Signed-off-by: jannfis <jann@mistrust.net>
Signed-off-by: jannfis <jann@mistrust.net>
Signed-off-by: jannfis <jann@mistrust.net>
Signed-off-by: jannfis <jann@mistrust.net>
… (argoproj#13113) Signed-off-by: jannfis <jann@mistrust.net> Co-authored-by: jannfis <jann@mistrust.net> Signed-off-by: schakrad <58915923+schakrad@users.noreply.github.com>
Signed-off-by: jannfis <jann@mistrust.net>
Fixes #7377
There was a regression not covered by tests when we changed passing the resolved commit SHA (instead of the symbolic reference) to verification routines, which resulted in trying to run
git verify-tag
on a commit SHA a tag was pointing to, instead of running against the tag.Note on DCO:
If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the Details link next to the DCO action for instructions on how to resolve this.
Checklist: