-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build-git-installers: migrate macOS and Linux off ESRP #614
build-git-installers: migrate macOS and Linux off ESRP #614
Conversation
Update macOS component of build-git-installers workflow to use GitHub certificates for signing and notarization instead of ESRP.
Update the Linux component of the build-git-installers workflow to use GPG signing instead of ESRP.
Remove scripts that were previously used to support ESRP signing.
Update build-git-installers workflow to publish `microsoft/git`'s GPG public key as part of each release. Add explanation for how to use this key to verify the Debian package's signature to the README.
28d4098
to
7a89262
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What a nice simplification (with the exception of the now long-winded Ubuntu instructions; I tried and failed to find a shorter version)!
These are also the same as the steps that were required when we used ESRP - I just had not written them down 😬. |
This PR migrates
microsoft/git
's signing workflows off the ESRP service. This means:An example run of release workflow with these changes can be found at [1].
1: https://github.com/microsoft/git/actions/runs/6635788798