Skip to content

Commit

Permalink
README: prep 2.0.1 (#78)
Browse files Browse the repository at this point in the history
Signed-off-by: William Woodruff <william@trailofbits.com>
  • Loading branch information
woodruffw authored Aug 10, 2023
1 parent d260c7b commit 9310933
Showing 1 changed file with 23 additions and 23 deletions.
46 changes: 23 additions & 23 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
- uses: actions/checkout@v3
- name: install
run: python -m pip install .
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
```
Expand All @@ -53,15 +53,15 @@ provided.
To sign one or more files:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file0.txt file1.txt file2.txt
```

The `inputs` argument also supports file globbing:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: ./path/to/inputs/*.txt
```
Expand All @@ -78,7 +78,7 @@ The `identity-token` setting controls the OpenID Connect token provided to Fulci
workflow will use the credentials found in the GitHub Actions environment.

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
identity-token: ${{ IDENTITY_TOKEN }} # assigned elsewhere
Expand All @@ -94,7 +94,7 @@ Server during OAuth2.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
oidc-client-id: alternative-sigstore-id
Expand All @@ -110,7 +110,7 @@ Connect Server during OAuth2.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
oidc-client-secret: alternative-sigstore-secret
Expand All @@ -126,7 +126,7 @@ when signing multiple input files.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
signature: custom-signature-filename.sig
Expand All @@ -135,7 +135,7 @@ Example:
However, this example is invalid:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file0.txt file1.txt file2.txt
signature: custom-signature-filename.sig
Expand All @@ -151,7 +151,7 @@ work when signing multiple input files.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
certificate: custom-certificate-filename.crt
Expand All @@ -160,7 +160,7 @@ Example:
However, this example is invalid:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file0.txt file1.txt file2.txt
certificate: custom-certificate-filename.crt
Expand All @@ -176,7 +176,7 @@ when signing multiple input files.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
bundle: custom-bundle.sigstore
Expand All @@ -185,7 +185,7 @@ Example:
However, this example is invalid:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file0.txt file1.txt file2.txt
certificate: custom-bundle.sigstore
Expand All @@ -201,7 +201,7 @@ from. This setting cannot be used in combination with the `staging` setting.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
fulcio-url: https://fulcio.sigstage.dev
Expand All @@ -217,7 +217,7 @@ cannot be used in combination with the `staging` setting.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
rekor-url: https://rekor.sigstage.dev
Expand All @@ -233,7 +233,7 @@ in combination with the `staging` setting.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
ctfe: ./path/to/ctfe.pub
Expand All @@ -249,7 +249,7 @@ be used in combination with `staging` setting.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
ctfe: ./path/to/rekor.pub
Expand All @@ -265,7 +265,7 @@ instead of the default production instances.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
staging: true
Expand All @@ -288,7 +288,7 @@ and `verify-oidc-issuer` settings. Failing to pass these will produce an error.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
verify: true
Expand All @@ -311,7 +311,7 @@ This setting may only be used in conjunction with `verify-oidc-issuer`.
Supplying it without `verify-oidc-issuer` will produce an error.

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
verify: true
Expand All @@ -336,7 +336,7 @@ Supplying it without `verify-cert-identity` will produce an error.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
verify: true
Expand All @@ -358,7 +358,7 @@ workflow artifact retention period is used.
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
upload-signing-artifacts: true
Expand Down Expand Up @@ -386,7 +386,7 @@ permissions:
# ...
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
release-signing-artifacts: true
Expand All @@ -413,7 +413,7 @@ permissions:
Example:

```yaml
- uses: sigstore/gh-action-sigstore-python@v2.0.0
- uses: sigstore/gh-action-sigstore-python@v2.0.1
with:
inputs: file.txt
internal-be-careful-debug: true
Expand Down

0 comments on commit 9310933

Please sign in to comment.