Add papertrail action #4
Conversation
There was a problem hiding this comment.
I haven't yet tested it yet, but looks good after a first look.
I'm a little concerned how this will fit the workflow. Take PHP for example: triggering the release is done by a user, but the build artifacts are only built later after the release tag has been pushed by the automation. So, in order for us to include hashes for generated artifacts, we'd have to wait until after packaging, but we no longer have information about who triggered the release build at that point.
| @@ -13,7 +13,8 @@ GPG key. | |||
| ### git-sign | |||
|
|
|||
| Use this action to create signed git artifacts: | |||
| ```markdown | |||
|
|
|||
| ```yaml | |||
| required: true | ||
| token: | ||
| description: "The GitHub token for the action" | ||
| required: true |
There was a problem hiding this comment.
Can we use default: ${{ github.token }} here or does that not work?
There was a problem hiding this comment.
Not from within an action, "Note: This context property is set by the Actions runner, and is only available within the execution steps of a job."
Co-authored-by: Andreas Braun <[email protected]>
Yes, we have to run everything in a single workflow. See mongodb/winkerberos#76 for how that works with the |
No description provided.