about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-12-03 08:27:42 -0800
committerFranck Cuny <franck@fcuny.net>2023-12-03 08:27:42 -0800
commit5ebccaf62ef845a66a6f88a287caea0b07835d64 (patch)
treea2d126810f61b0eb35b70ad3fba810729e46ab70
parentI truly hate testing GH workflows (diff)
downloadfcuny.net-5ebccaf62ef845a66a6f88a287caea0b07835d64.tar.gz
sign the commit when updating flake.lock
-rw-r--r--.github/workflows/page.yml2
-rw-r--r--.github/workflows/update.yml5
2 files changed, 5 insertions, 2 deletions
diff --git a/.github/workflows/page.yml b/.github/workflows/page.yml
index 5260b0d..04d964f 100644
--- a/.github/workflows/page.yml
+++ b/.github/workflows/page.yml
@@ -1,4 +1,4 @@
-name: Deploy to Pages
+name: 'Deploy to Pages'
 
 on:
   push:
diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
index 27592ec..471f2c9 100644
--- a/.github/workflows/update.yml
+++ b/.github/workflows/update.yml
@@ -1,4 +1,4 @@
-name: update-flake-lock
+name: 'Update flake.lock'
 on:
   workflow_dispatch:
   schedule:
@@ -17,6 +17,9 @@ jobs:
         with:
           extra_nix_config: |
             access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+      # sign the commit:
+      # https://www.chainguard.dev/unchained/keyless-git-commit-signing-with-gitsign-and-github-actions
+      - uses: chainguard-dev/actions/setup-gitsign@main
       - name: Update flake.lock
         id: update-flake-lock
         uses: DeterminateSystems/update-flake-lock@v20