forked from Bos55/nix-config
feat(ci): implement signed commit verification and update security policy
Some checks failed
Check / check (push) Failing after 2s
Some checks failed
Check / check (push) Failing after 2s
Added a CI/CD step to verify cryptographic signatures for deployments. Updated SECURITY.md with the new trust model and refined GHA workflows for consistency.
This commit is contained in:
parent
17c5d0ee48
commit
c55843ffa7
GPG key ID:
38297DE43F75FFE2
4 changed files with 222 additions and 27 deletions
24
.github/workflows/check.yml
vendored
Normal file
24
.github/workflows/check.yml
vendored
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
name: Check
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- '**'
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
check:
|
||||
runs-on: ubuntu-latest
|
||||
container: catthehacker/ubuntu:act-24.04
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Install Nix
|
||||
uses: cachix/install-nix-action@v27
|
||||
with:
|
||||
extra_nix_config: |
|
||||
experimental-features = nix-command flakes
|
||||
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Flake check
|
||||
run: nix flake check
|
||||
Loading…
Add table
Add a link
Reference in a new issue