push-protected icon indicating copy to clipboard operation
push-protected copied to clipboard
verified publisher icon CasperWA

Feature request: commit signing, or disable also that requirement

Open punasusi opened this issue 1 year ago • 1 comments

I've given PAT for the single repo which settings rights. It successfully commits to a protected branch, as expected. However, when I enable enforce commit signing, it fails with "Commits must have verified signatures".

Either a way to give a signing key, or use the admin rights to also remove the commit signing rule as well as the review protection.

punasusi avatar Feb 27 '24 16:02 punasusi

As I understand it, this action does not create any commit. It only pushes. If you create a commit in your previous steps, these should be signed. See for example this post on how to do that.

MattiSG avatar Jul 10 '24 14:07 MattiSG

As @MattiSG stated, this indeed correct. Any changes you are pushing with this action are done outside the scope of this action, i.e., in prior workflow job steps. See also this section of the README (especially the last part) and note that this action actually removes any uncommitted changes prior to pushing (see this line).

CasperWA avatar Aug 27 '24 10:08 CasperWA