Verify commit GitHub action
A GitHub action to verify the authenticity of your commits with CodeNotary.io
You can sign your work locally using the CodeNotary vcn tool (ie.
vcn notarize git://.). This action will verify these signatures so other people will know that your commits come from a trusted source.
Create a workflow
.yml file in your repositories
.github/workflows directory (eg.
.github/workflows/verify.yml). In your workflow you first need to checkout your repository then use this action:
name: CodeNotary on: [push] jobs: check: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@master - name: Verify uses: vchain-us/verify-action@master
For more details, see Contexts and expression syntax for GitHub Actions
signerID- List of SignerID(s) (separated by space) to authenticate against. A SignerID is the signer's public address (represented as a 40 hex characters long string prefixed with
org- Organization's ID to authenticate against. Note that
orgtakes precedence over
path- Path to git working directory. Default to the current directory.
- name: Verify uses: vchain-us/verify-action@master with: signerID: <a trusted signer ID> org: <a trusted organization> path: <path to your repository, if not the current directory>