Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable Verified Commits (with GPG key as secret) #63

Open
dgteixeira opened this issue Sep 21, 2021 · 7 comments · May be fixed by #110
Open

Enable Verified Commits (with GPG key as secret) #63

dgteixeira opened this issue Sep 21, 2021 · 7 comments · May be fixed by #110

Comments

@dgteixeira
Copy link

What problem are you facing?

I have Repositories that need to enforce Signed Commits, and would like to keep this action.

How could terraform-docs help solve your problem?

1st Hypothesis:

  • Integrate with the action the possibility to use GPG keys to verify the commits, when pushing.

2nd Hypothesis:

@pfilourenco
Copy link

Any update on this?

2 similar comments
@apalmercari
Copy link

Any update on this?

@sunnyoswalcro
Copy link

Any update on this?

@SVendittelli
Copy link

While this did not solve my issue, it may help other people here: https://gist.github.com/swinton/03e84635b45c78353b1f71e41007fc7c

@exaucae exaucae linked a pull request Dec 19, 2023 that will close this issue
@exaucae
Copy link

exaucae commented Dec 19, 2023

how far are we from solving this with #110 ?

@dgteixeira
Copy link
Author

@exaucae, I believe that that PR might solve this issue, yes :)

One extra idea, might be to use the GraphQL API that uses GitHub's GPG key to verify the commits, through this GHA - https://github.com/planetscale/ghcommit-action

I saw this idea here: actions/runner#667 (comment)

@etiennetremel
Copy link

Based on @dgteixeira suggestion and for anyone looking for a quick solution until #110 get merged, the following push verified commits:

on:
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  docs:
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
    - uses: actions/checkout@v4
      with:
        ref: ${{ github.event.pull_request.head.ref }}
    - uses: terraform-docs/gh-actions@main
      with:
        working-dir: .
        recursive: true
        recursive-path: modules
        output-file: README.md
        output-method: inject
    - uses: planetscale/[email protected]
      with:
        commit_message: "terraform-docs: automated action"
        repo: ${{ github.repository }}
        branch: ${{ github.head_ref || github.ref_name }}
        file_pattern: 'modules/**/*.md'
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

7 participants