Skip to content

Fix package signing#2631

Merged
martincostello merged 7 commits intomainfrom
fix-signing
Jun 5, 2025
Merged

Fix package signing#2631
martincostello merged 7 commits intomainfrom
fix-signing

Conversation

@martincostello
Copy link
Member

@martincostello martincostello commented Jun 1, 2025

Use a federated credential to access Azure Key Vault for the code-signing certificate instead of the now-expired secrets.

@martincostello
Fix package signing
ff6690b 
Use a federated credential to access Azure Key Vault for the code-signing certificate instead of the now-expired secrets.
@martincostello
Fix permissions
09382ee 
- Remove all permissions by default.
- Add `contents: read` for building the packages.
- Add `id-token: write` to sign the packages.
@martincostello martincostello added this to the v8.6.0 milestone Jun 1, 2025
martincostello
martincostello commented Jun 1, 2025
View reviewed changes
martincostello
martincostello commented Jun 1, 2025
View reviewed changes
@codecov
Copy link

codecov bot commented Jun 1, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.23%. Comparing base (3942893) to head (144eaeb).
Report is 4 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2631   +/-   ##
=======================================
  Coverage   96.23%   96.23%           
=======================================
  Files         311      311           
  Lines        7329     7329           
  Branches     1013     1013           
=======================================
  Hits         7053     7053           
  Misses        222      222           
  Partials       54       54
Flag Coverage Δ
linux 96.23% <ø> (ø)
macos 96.23% <ø> (ø)
windows 96.22% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

martincostello
martincostello commented Jun 4, 2025
View reviewed changes
@martincostello
Skip Azure login
0e6da04 
See if it works anyway.
martincostello
martincostello commented Jun 4, 2025
View reviewed changes
@martincostello
Restore Azure login
b8f359a 
Doesn't work without it either.
martincostello
martincostello commented Jun 4, 2025
View reviewed changes
@martincostello
Update Azure authentication type
9d9ddbe 
Switch to `IDENTITY` instead of `SERVICE_PRINCIPAL`.
martincostello
martincostello commented Jun 4, 2025
View reviewed changes
@martincostello martincostello marked this pull request as ready for review June 5, 2025 17:15
@martincostello martincostello enabled auto-merge (squash) June 5, 2025 17:15
@martincostello martincostello merged commit cbd6dc0 into main Jun 5, 2025
26 checks passed
@martincostello martincostello deleted the fix-signing branch June 5, 2025 17:24
@dependabot dependabot bot mentioned this pull request Nov 14, 2025
Merged
This was referenced Nov 24, 2025
Open
Open
Open
Merged
Open
Closed
Open
Open
@dependabot dependabot bot mentioned this pull request Dec 1, 2025
Closed
This was referenced Dec 16, 2025
Merged
Closed
Closed
Open
Closed
This was referenced Dec 29, 2025
Closed
Closed
Closed
Merged
Open
This was referenced Jan 5, 2026
Closed
Open
Merged
Closed
This was referenced Jan 12, 2026
Merged
Merged
Open
Open
Merged
Closed
This was referenced Jan 19, 2026
Merged
Open
Merged
Merged
This was referenced Jan 29, 2026
Open
Open
Merged
Merged
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

CI/build

Projects

None yet

Milestone

v8.6.0

Development

Successfully merging this pull request may close these issues.

1 participant

@martincostello