This GitHub Action uses sigstore-python to generate Sigstore signatures. gh-action-sigstore-python is the easiest way to integrate Sigstore into your CI system and can be used for not only Python projects, but projects in other languages as well.
Important
Are you publishing a package to PyPI? If so, you do not need this action: pypa/gh-action-pypi-publish will handle signing for you!
Simply add sigstore/gh-action-sigstore-python to one of your workflows:
jobs: selftest: runs-on: ubuntu-latest permissions: id-token: write steps: - uses: actions/checkout@v4 with: persist-credentials: false - name: install run: python -m pip install . - uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txtNote: Your workflow must have permission to request the OIDC token to authenticate with. This can be done by setting id-token: write on your job (as above) or workflow.
More information about permission settings can be found here.
gh-action-sigstore-python takes a variety of configuration inputs, most of which are optional.
The inputs setting controls what files sigstore-python signs. At least one input must be provided unless release-signing-artifacts is set to true on release events.
To sign one or more files:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file0.txt file1.txt file2.txtThe inputs argument also supports file globbing:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: ./path/to/inputs/*.txtMultiple lines are fine, and whitespace in filenames can also be escaped using POSIX shell lexing rules:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: | ./path/to/inputs/*.txt ./another/path/foo\ bar.txt ./a/third/path/"easier to quote than to escape".txtNote
In versions of this action before 2.0.0, the inputs setting allowed for shell expansion. This was unintentional, and was removed with 2.0.0.
Default: Empty (the GitHub Actions credential will be used)
The identity-token setting controls the OpenID Connect token provided to Fulcio. By default, the workflow will use the credentials found in the GitHub Actions environment.
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt identity-token: ${{ IDENTITY_TOKEN }} # assigned elsewhereDefault: sigstore
The oidc-client-id setting controls the OpenID Connect client ID to provide to the OpenID Connect Server during OAuth2.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt oidc-client-id: alternative-sigstore-idDefault: Empty (no OpenID Connect client secret provided by default)
The oidc-client-secret setting controls the OpenID Connect client secret to provide to the OpenID Connect Server during OAuth2.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt oidc-client-secret: alternative-sigstore-secretDefault: false
The staging setting controls whether or not sigstore-python uses sigstore's staging instances, instead of the default production instances.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt staging: trueDefault: false
The verify setting controls whether or not the generated signatures and certificates are verified with the sigstore verify subcommand after all files have been signed.
This is not strictly necessary but can act as a smoke test to ensure that all signing artifacts were generated properly and the signature was properly submitted to Rekor.
If verify is enabled, then you must also pass the verify-cert-identity and verify-oidc-issuer settings. Failing to pass these will produce an error.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt verify: true verify-oidc-issuer: https://some-oidc-issuer.example.com verify-cert-identity: some-identityDefault: Empty
The verify-cert-identity setting controls whether to verify the Subject Alternative Name (SAN) of the signing certificate after signing has taken place. If it is set, sigstore-python will compare the certificate's SAN against the provided value.
This setting only applies if verify is set to true. Supplying it without verify: true will produce an error.
This setting may only be used in conjunction with verify-oidc-issuer. Supplying it without verify-oidc-issuer will produce an error.
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt verify: true verify-cert-identity: john.hancock@example.com verify-oidc-issuer: https://oauth2.sigstage.dev/authDefault: https://oauth2.sigstore.dev/auth
The verify-oidc-issuer setting controls whether to verify the issuer extension of the signing certificate after signing has taken place. If it is set, sigstore-python will compare the certificate's issuer extension against the provided value.
This setting only applies if verify is set to true. Supplying it without verify: true will produce an error.
This setting may only be used in conjunction with verify-cert-identity. Supplying it without verify-cert-identity will produce an error.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt verify: true verify-cert-identity: john.hancock@example.com verify-oidc-issuer: https://oauth2.sigstage.dev/authDefault: false
The upload-signing-artifacts setting controls whether or not sigstore-python creates workflow artifacts for the outputs produced by signing operations.
By default, no workflow artifacts are uploaded. When enabled, the default workflow artifact retention period is used.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt upload-signing-artifacts: trueDefault: true
The release-signing-artifacts setting controls whether or not sigstore-python uploads signing artifacts to the release publishing event that triggered this run. This setting has no effect on non-release events.
If enabled, this setting also re-uploads and signs GitHub's default source code artifacts, as they are not guaranteed to be stable.
Requires the contents: write permission.
Example:
permissions: contents: write # ... - uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt release-signing-artifacts: trueOn release events, it is also valid to have no explicit inputs. When used on release events, this action will sign any pre-existing release artifacts:
permissions: contents: write # ... # no explicit settings needed, signs all pre-existing release artifacts - uses: sigstore/gh-action-sigstore-python@v3.1.0⚠️ Internal options ⚠️
Everything below is considered "internal," which means that it isn't part of the stable public settings and may be removed or changed at any points. You probably do not need these settings.
All internal options are prefixed with internal-be-careful-.
Default: false
The internal-be-careful-debug setting enables additional debug logs, both within sigstore-python itself and the action's harness code. You can use it to debug troublesome configurations.
Example:
- uses: sigstore/gh-action-sigstore-python@v3.1.0 with: inputs: file.txt internal-be-careful-debug: truegh-action-sigstore-python is licensed under the Apache 2.0 License.
Everyone interacting with this project is expected to follow the sigstore Code of Conduct
Should you discover any security issues, please refer to sigstore's security process.
gh-action-sigstore-python is developed as part of the sigstore project.
We also use a slack channel! Click here for the invite link.