The new extremely-dangerous-public-oidc-beacon current-token branch allows us to fetch the JWT without a GitHub token. This makes local testing easy, which makes developing the suite easier.
Changes:
git clone the beacon repo to get the token
Do this in a loop until token is valid (95% of the time the first try succeeds)
Cache the token so we only do this once in a test run
Remove all mention of GitHub token in arguments, comments and docs
Some additional notes:
Retry times are tweaked from the values upstream (and special values are set for the interactive case)
The caching could be smarter (could return cached value only if it's valid) but maybe this simple thing works?
Release Note
--github-token is no longer required to run signing tests
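Added example, not code from this PR or the suite: a sketch of the "smarter" cache mentioned in the notes, which returns the cached JWT only while its `exp` claim is still far enough in the future and otherwise retries the fetch. The `fetch` callable stands in for the git clone step, and `MIN_VALIDITY`, `TokenCache`, `seconds_left` and `make_sample_token` are hypothetical names and values.

```python
import base64
import json
import time

MIN_VALIDITY = 20  # assumed margin: seconds of lifetime a token must still have


def seconds_left(token, now=None):
    """Remaining lifetime from the 'exp' claim; -1 if the token cannot be parsed."""
    try:
        payload = token.split(".")[1]
        payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
        claims = json.loads(base64.urlsafe_b64decode(payload))  # freshness only, no signature check
        return claims["exp"] - (time.time() if now is None else now)
    except (IndexError, KeyError, TypeError, ValueError):
        return -1


class TokenCache:
    """Fetch once per run, but fetch again when the cached token is near expiry."""

    def __init__(self, fetch, retries=5, delay=0.0, sleep=time.sleep):
        self.fetch, self.retries, self.delay, self.sleep = fetch, retries, delay, sleep
        self.token = None

    def get(self, now=None):
        if self.token and seconds_left(self.token, now) >= MIN_VALIDITY:
            return self.token  # cached value is still valid
        for _ in range(self.retries):
            candidate = self.fetch().strip()
            if seconds_left(candidate, now) >= MIN_VALIDITY:
                self.token = candidate
                return candidate
            self.sleep(self.delay)  # stale or malformed: wait, then try again
        raise RuntimeError("no valid token after %d attempts" % self.retries)


def make_sample_token(exp):
    """Constructed, unsigned JWT-shaped string for offline use (not a real token)."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return "%s.%s.sig" % (enc({"alg": "none"}), enc({"exp": exp}))
```
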