Billy Lynch

Yeah for Gitpod and other cloud workspaces that feels reasonable to use, since these tokens would be provisioned and managed by the service provider. Hooking into a CLI sounds inline...

We've had discussions, but I can't speak to any definitive timelines on their end. (I don't work there 😅) The right people to talk to are already on https://gitlab.com/gitlab-org/gitlab/-/issues/364428 -...

> On of the possible idea would be to add an extra value to chains.tekton.dev/signed with a skip value, or an entirely new annotations (chains.tekton.dev/skip). In general I would not...

You can! [Knative has slow/fast queues built in](https://github.com/knative/pkg/blob/35011d423d4b2382fcb38760916df79251a92f8c/controller/controller.go#L252) - active items come in on the fast queue, resyncs come in on the slow queue and are picked off as needed....

Keyless can be used with non-interactive CI workflows! Our e2e tests do this on every PR 🙂 The primary requirement is for the CI service to provide [an OIDC token...

I have great news for you - we've been working with GitLab on adding Sigstore support! 😃 We're waiting on changes to land on the Fulcio side - https://github.com/sigstore/fulcio/pull/1097, https://github.com/sigstore/fulcio/pull/983....

@bigkevmcd SGTM. My 2c is we should lean towards being more secure by default here and only allow unescaping if opted in if possible. My expectation is that most users...

I thought I created an issue already on the GitHub product discussion board, but I couldn't find it. Good news is there was another one! I'd recommend folks who want...

FWIW, to support environment variables you can do something like: ```go itr, err := ghinstallation.New(http.DefaultTransport, appID, installationID, []byte(os.GetEnv("MY_ENV_VAR"))) ``` This PR provides a wrapper around this, but you can still...

No objections! My guess is things that are produced by steps but not surfaced to the Task should be byproducts though? So a little bit different than the Task ->...