Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI: Move Windows signing to reusable workflow #10186

Merged
merged 2 commits into from
Feb 8, 2024
Merged

CI: Move Windows signing to reusable workflow #10186

merged 2 commits into from
Feb 8, 2024

Conversation

derrod
Copy link
Member

@derrod derrod commented Feb 2, 2024

Description

In order for the job_workflow_sha claim in the JWT to actually correspond to the workflow's last modification commit it has to be a reusable workflow. This is annoying, and somewhat silly given GitHub's documentation indicates otherwise, but what can you do...

Bonus points for there not being a way to get the ref of the currently executed reusable workflow, the only way I (and others) could find was to parse the JWT, which is "easy" here since this job uses it anyway.

Note: this PR needs to be merged via merge commit to avoid the hashes becoming invalid. Alternatively the second commit could be split into its own or directly pushed to master, but I'd like to not do that.

Motivation and Context

Want to pin specific version of signing action/bouf configuration for Google Cloud Authentication.

How Has This Been Tested?

Ran on my fork.

Types of changes

  • Tweak (non-breaking change to improve existing functionality)
  • Code cleanup (non-breaking change which makes code smaller or more readable)

Checklist:

  • My code has been run through clang-format.
  • I have read the contributing document.
  • My code is not on the master branch.
  • The code has been tested.
  • All commit messages are properly formatted and commits squashed where appropriate.
  • I have included updates to all appropriate documentation.

@derrod derrod added the CI label Feb 2, 2024
@RytoEX RytoEX self-assigned this Feb 2, 2024
@RytoEX RytoEX requested a review from PatTheMav February 2, 2024 20:16
@RytoEX RytoEX merged commit 780cbac into obsproject:master Feb 8, 2024
14 checks passed
@derrod derrod deleted the ci-specify-action-commit branch February 8, 2024 19:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RytoEX RytoEX RytoEX approved these changes

@PatTheMav PatTheMav Awaiting requested review from PatTheMav

Assignees

@RytoEX RytoEX

Labels
CI
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@derrod @RytoEX @PatTheMav