Verify commit GitHub action
A GitHub action to verify the authenticity of your commits with CodeNotary.io
You can sign your work locally using the CodeNotary vcn tool (ie. vcn notarize git://.
). This action will verify these signatures so other people will know that your commits come from a trusted source.
Usage
Create a workflow .yml
file in your repositories .github/workflows
directory (eg. .github/workflows/verify.yml
). In your workflow you first need to checkout your repository then use this action:
name: CodeNotary
on: [push]
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@master
- name: Verify
uses: vchain-us/verify-action@master
For more details, see Contexts and expression syntax for GitHub Actions
Inputs
See action.yml.
Available inputs
signerID
- List of SignerID(s) (separated by space) to authenticate against. A SignerID is the signer's public address (represented as a 40 hex characters long string prefixed with0x
).org
- Organization's ID to authenticate against. Note thatorg
takes precedence oversignerID
path
- Path to git working directory. Default to the current directory.
Example:
- name: Verify
uses: vchain-us/verify-action@master
with:
signerID: <a trusted signer ID>
org: <a trusted organization>
path: <path to your repository, if not the current directory>