Question
We now have a requirement to have all commits signed in Ansible: https://forum.ansible.com/t/important-github-com-ansible-now-requires-signed-commits/45520/14. This broke a couple of automated workflows that produce commits in GHA. I'm looking for automated signing solutions and thought of perhaps using Sigstore.
@woodruffw could you help me understand if this project (or the respective action) would be usable for signing Git commits from GitHub Actions jobs (provided they run in an OIDC-aware context)?
Question
We now have a requirement to have all commits signed in Ansible: https://forum.ansible.com/t/important-github-com-ansible-now-requires-signed-commits/45520/14. This broke a couple of automated workflows that produce commits in GHA. I'm looking for automated signing solutions and thought of perhaps using Sigstore.
@woodruffw could you help me understand if this project (or the respective action) would be usable for signing Git commits from GitHub Actions jobs (provided they run in an OIDC-aware context)?