python-package-template icon indicating copy to clipboard operation
python-package-template copied to clipboard
verified publisher icon jenstroeger

feat: the Pull Request action now verifies signed commits

Open jenstroeger opened this issue 3 years ago • 2 comments

Somewhat related to issue https://github.com/commitizen-tools/commitizen/issues/575, but using plain bash + git instead of commitizen.

jenstroeger avatar Sep 05 '22 01:09 jenstroeger

This blog and this gist show how to sign commits from an Action using the gh tool. We’d have to adjust for our release.yaml here, though:

https://github.com/jenstroeger/python-package-template/blob/25c486b68d04c813c9bd366b44db858e20d281e4/.github/workflows/release.yaml#L55-L60

And here’s an interesting blog using a third-party tool Gitsign.

I think we’ll still have to do a little more digging for better approaches 🤔

jenstroeger avatar Sep 05 '22 10:09 jenstroeger

@behnazh I think we can close this PR and continue the discussion in https://github.com/jenstroeger/python-package-template/issues/332?

jenstroeger avatar Nov 26 '22 02:11 jenstroeger