Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [eclipse.org-architecture-council] Supporting GitHub Actions / GitHub repositories

Hi Tom,

Sorry for the late reply. See my comments inline

Le 15 janv. 2020 à 12:45, Tom Schindl <tom.schindl@xxxxxxxxxxxxxxx> a écrit :

Hi,

I was about to file a bug but as it looks like this is discussed on this
list, I thought i could directly reply.

We are doing cross-platform builds for efxclipse-driftfx using
github-actions but our problem is that naturally we can not sign our
artifacts there so we need a way to make the Eclipse.org-Jenkins do that.

Indeed, currently signing services only run behind our firewall.


Our thought was that we could make github-actions trigger the
efxclipse-jiro-jenkins instance who fetches the build result, sign it
and uploading that to github-releases.

Note that if someone volunteers to implement TLS+oauth2 authentication in https://git.eclipse.org/c/cbi/org.eclipse.cbi.git/tree/webservice/signing/jar , we could expose the jar signing service to the outside world.

If I get you right this won't be possible because you will never allow
github to trigger our jenkins instance because that would require user
credentials available on github, right?

We would need to investigate what is needed by your github actions to trigger a Jenkins job. Note that on Gtihub we have bot accounts that may be used for that purpose. Again, we would need to investigate.

Cheers,

Attachment: signature.asc
Description: Message signed with OpenPGP


Back to the top