sigstore · woodruffw · Feb 15, 2023 · Feb 14, 2023 · Feb 15, 2023 · Feb 15, 2023
diff --git a/README.md b/README.md
@@ -367,6 +367,9 @@ Example:
 The `release-signing-artifacts` setting controls whether or not `sigstore-python`
 uploads signing artifacts to the release publishing event that triggered this run.
 
+If enabled, this setting also re-uploads and signs GitHub's default source code artifacts,
+as they are not guaranteed to be stable.
+
 By default, no release assets are uploaded.
 
 Requires the [`contents: write` permission](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token).

diff --git a/action.py b/action.py
@@ -26,6 +26,8 @@
 from glob import glob
 from pathlib import Path
 
+import requests
+
 _HERE = Path(__file__).parent.resolve()
 _TEMPLATES = _HERE / "templates"
 
@@ -53,6 +55,22 @@ def _log(msg):
     print(msg, file=sys.stderr)
 
 
+def _download_ref_asset(ext):
+    repo = os.getenv('GITHUB_REPOSITORY')
+    ref = os.getenv("GITHUB_REF")
+
+    artifact = f"/tmp/{os.getenv('GITHUB_REF_NAME')}{ext}"
+
+    # GitHub supports /:org/:repo/archive/:ref<.tar.gz|.zip>.
+    r = requests.get(f"https://github.com/{repo}/archive/{ref}{ext}", stream=True)
+    r.raise_for_status()
+    with Path(artifact).open("wb") as io:
+        for chunk in r.iter_content(chunk_size=None):
+            io.write(chunk)
+
+    return artifact
+
+
 def _sigstore_sign(global_args, sign_args):
     return ["python", "-m", "sigstore", *global_args, "sign", *sign_args]
 
@@ -163,6 +181,13 @@ def _fatal_help(msg):
 else:
     sigstore_verify_args.extend(["--cert-oidc-issuer", verify_oidc_issuer])
 
+if os.getenv("GHA_SIGSTORE_PYTHON_RELEASE_SIGNING_ARTIFACTS") == "true":
+    for filetype in [".zip", ".tar.gz"]:
+        artifact = _download_ref_asset(filetype)
+        if artifact is not None:
+            signing_artifact_paths.append(artifact)
+            inputs.append(artifact)
+
 for input_ in inputs:
     # Forbid things that look like flags. This isn't a security boundary; just
     # a way to prevent (less motivated) users from breaking the action on themselves.

diff --git a/action.yml b/action.yml
@@ -123,6 +123,7 @@ runs:
         GHA_SIGSTORE_PYTHON_VERIFY: "${{ inputs.verify }}"
         GHA_SIGSTORE_PYTHON_VERIFY_CERT_IDENTITY: "${{ inputs.verify-cert-identity }}"
         GHA_SIGSTORE_PYTHON_VERIFY_OIDC_ISSUER: "${{ inputs.verify-oidc-issuer }}"
+        GHA_SIGSTORE_PYTHON_RELEASE_SIGNING_ARTIFACTS: "${{ inputs.release-signing-artifacts }}"
         GHA_SIGSTORE_PYTHON_INTERNAL_BE_CAREFUL_DEBUG: "${{ inputs.internal-be-careful-debug }}"
       shell: bash
 

diff --git a/requirements.txt b/requirements.txt
@@ -1 +1,2 @@
 sigstore ~= 1.1
+requests ~= 2.28