1
0
Fork 0
Commit Graph

6 Commits (bdehamer/attest-issuer-fix)

Author SHA1 Message Date
Brian DeHamer a7e08af9b5
remove hard-coded issuer from JWT verification
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-08-08 15:10:57 -07:00
Brian DeHamer 73100a7f85
new GHA build provenance
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-06-05 14:54:34 -07:00
Fredrik Skogman e60694077d
Read the server url from the environment variable.
Instead of having the urls hardcoded, read them from the environment.
I opted to read from the environment variable instead of the github context
because it would be easier to test.
2024-05-16 17:00:35 +02:00
Brian DeHamer 2961d73391
remove dep on make-fetch-happen
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-23 09:39:17 -07:00
Brian DeHamer a0e6af1e53
build provenance stmt from OIDC claims
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-03-22 12:34:42 -07:00
Brian DeHamer 6079dea4c4
add new @actions/attest package
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-26 08:52:20 -08:00