Skip to content

Commit

Permalink
Add GitHub OIDC Token into GITHUB_TOKEN for signing images (kedacore#…
Browse files Browse the repository at this point in the history 
…2504)

Signed-off-by: jorturfer <jorge_turrado@hotmail.es>
Signed-off-by: Mark Rzasa <mark.rzasa@gmail.com>
  • Loading branch information
@JorTurFer @markrzasa
JorTurFer authored and markrzasa committed Jan 27, 2022
1 parent 7878b05 commit bdb3356
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 1 deletion.
5 changes: 5 additions & 0 deletions .github/workflows/main-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,11 @@ jobs:
validate:
name: Validate
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write # needed for signing the images with GitHub OIDC Token **not production ready**

# build-tools is built from ../../tools/build-tools.Dockerfile
container: ghcr.io/kedacore/build-tools:main
steps:
Expand Down
6 changes: 6 additions & 0 deletions .github/workflows/release-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ jobs:
build:
name: Push Release
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
deployments: write
id-token: write # needed for signing the images with GitHub OIDC Token **not production ready**

# build-tools is built from ../../tools/build-tools.Dockerfile
container: ghcr.io/kedacore/build-tools:main
steps:
Expand Down
2 changes: 1 addition & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@

- **General:** `keda-operator` Cluster Role: add `list` and `watch` access to service accounts ([#2406](https://github.com/kedacore/keda/pull/2406))|([#2410](https://github.com/kedacore/keda/pull/2410))
- **General:** Delete the cache entry when a ScaledObject is deleted ([#2408](https://github.com/kedacore/keda/pull/2408))
- **General:** Sign KEDA images published on GitHub Container Registry ([#2501](https://github.com/kedacore/keda/pull/2501))|([#2502](https://github.com/kedacore/keda/pull/2502))
- **General:** Sign KEDA images published on GitHub Container Registry ([#2501](https://github.com/kedacore/keda/pull/2501))|([#2502](https://github.com/kedacore/keda/pull/2502))|([#2504](https://github.com/kedacore/keda/pull/2504))
- **Azure Pipelines Scaler:** support `poolName` or `poolID` validation ([#2370](https://github.com/kedacore/keda/pull/2370))
- **Graphite Scaler:** use the latest datapoint returned, not the earliest ([#2365](https://github.com/kedacore/keda/pull/2365))
- **Kubernetes Workload Scaler:** ignore terminated pods ([#2384](https://github.com/kedacore/keda/pull/2384))
Expand Down

0 comments on commit bdb3356

Please sign in to comment.