Add a sign/GH release job to the release workflow
This is the one from https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ again, with an `if` condition added and multilines rewrapped. As best as I can tell, this should work automagically, we don't need to "sign up for" sigstore or create any certificates or keys; it works by creating an ephemeral signing certificate bound to the identity of whatever GitHub user the workflow runs as (proved by OIDC), and signing with that. Signed-off-by:Adam Williamson <awilliam@redhat.com>
Loading
Please register or sign in to comment