carvel-dev / kbld

kbld seamlessly incorporates image building and image pushing into your development and deployment workflows
https://carvel.dev/kbld
Apache License 2.0
294 stars 41 forks source link

Sign `kbld` binaries while releasing them #417

Closed 100mik closed 10 months ago

100mik commented 1 year ago

Describe the problem/challenge you have All published kbld binaries should be signed so that it can be verified that they were published through official channels.

Describe the solution you'd like The changes proposed in this proposal for signing binary artifacts must be made a part of the release pipeline.


Vote on this request

This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.

👍 "I would like to see this addressed as soon as possible" 👎 "There are other more important things to focus on right now"

We are also happy to receive and review Pull Requests if you want to help working on this issue.

github-actions[bot] commented 1 year ago

This issue is being marked as stale due to a long period of inactivity and will be closed in 5 days if there is no response.