Signing event: sign/debug-add-artifact

sigstore / root-signing-staging

Staging TUF repository for Sigstore trust root

https://tuf-repo-cdn.sigstage.dev/

Apache License 2.0

3 stars 6 forks source link

Signing event: sign/debug-add-artifact #51

Closed sigstore-bot closed 7 months ago

sigstore-bot commented 7 months ago

Processing signing event sign/debug-add-artifact, please wait.

sigstore-bot commented 7 months ago

Artifacts have been modified

Event sign/debug-add-artifact (commit b546874) Committed metadata changes for role(s) targets. Updating signing event state, please wait.

sigstore-bot commented 7 months ago

Current signing event state

Event sign/debug-add-artifact (commit 9512bff)

:x: targets

Role targets contains following artifact changes:

ctfe.pub: MODIFIED
ctfe_2022.pub: MODIFIED
ctfe_2022_2.pub: MODIFIED
debugfile.txt: ADDED
fulcio.crt.pem: MODIFIED
fulcio_intermediate.crt.pem: MODIFIED
rekor.pub: MODIFIED
trusted_root.json: MODIFIED

Role targets is unsigned and not yet verified Still missing signatures from @jku Signers can sign these changes by running tuf-on-ci-sign sign/debug-add-artifact

jku commented 7 months ago

This was a test signing event for #50:

tuf-on-ci is version 0.6, so PRs are used
the config has Allow GitHub Actions to create and approve pull requests unchecked

signing event PR was correctly opened so the test succeeded: I'll close this PR.

There is an unrelated bug though: for some reason the existing artifacts are listed as modified. I will file an issue in tuf-on-ci