Add assertion doc job #3929
Merged
Add assertion doc job #3929
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3929 +/- ##
==========================================
- Coverage 86.82% 86.77% -0.06%
==========================================
Files 128 128
Lines 16607 16607
Branches 62 62
==========================================
- Hits 14419 14410 -9
- Misses 2005 2012 +7
- Partials 183 185 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
ciarams87
force-pushed
the
chore/assertion-doc
branch
17 times, most recently
from
e7d4804 to
795fdef
Compare
jjngx
reviewed
Sep 22, 2025
ciarams87
force-pushed
the
chore/assertion-doc
branch
5 times, most recently
from
1da6167 to
58ecd2f
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
ciarams87
force-pushed
the
chore/assertion-doc
branch
from
58ecd2f to
534057e
Compare
ciarams87
force-pushed
the
chore/assertion-doc
branch
from
e64c871 to
9cf58f6
Compare
tataruty
approved these changes
Sep 29, 2025
ciarams87
force-pushed
the
chore/assertion-doc
branch
from
9cf58f6 to
bd529ba
Compare
shaun-nx
approved these changes
Sep 30, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed changes
Problem: We need to add the generation and publishing of a signed assertion document to our workflow. The goal of the signed assertion document is to provide a customer facing document that provides provenance for a build artifact. The document will contain information about each dependency included in the build and specifically will contain the signed acquisition document for each process. This will also be signed to guarantee that F5 is the source of the document.
Solution: Use the actions provided by
compliance-rulesto generate and sign the assertion documentTesting: See https://github.com/nginx/nginx-gateway-fabric/actions/runs/18093624043/job/51480400063
Checklist
Before creating a PR, run through this checklist and mark each as complete.
Release notes
If this PR introduces a change that affects users and needs to be mentioned in the release notes,
please add a brief note that summarizes the change.