deansheather

(cherry picked from commit dc0919d)

### Description
This PR introduces GPG signing for all Coder *slim-binaries*.
Detached signatures will allow users to verify the integrity and
authenticity of the binaries they download.

### Changes
* `scripts/sign_with_gpg.sh`: New script to sign a given binary
  using GPG. It imports the release key, signs the binary, and
  verifies the signature.
* `scripts/build_go.sh`: Updated to call `sign_with_gpg.sh` when the
  `CODER_SIGN_GPG` environment variable is set to 1.
* `.github/workflows/release.yaml`: The `CODER_SIGN_GPG` environment
  variable is now set to 1 during the release build, enabling GPG
  signing for all release binaries.
* `.github/workflows/ci.yaml`: The `CODER_SIGN_GPG` environment
  variable is now set to 1 during the CI build, enabling GPG
  signing for all CI binaries.
* `Makefile`: Detached signatures are moved to the `/site/out/bin/` directory

@deansheather deansheather changed the title feat: sign coder binaries with the release key using GPG (#18774) cherry: feat: sign coder binaries with the release key using GPG (#18774) Jul 15, 2025
@deansheather deansheather merged commit 5096582 into release/2.24 Jul 15, 2025
31 of 34 checks passed
@deansheather deansheather deleted the dean/cherry-sigs-2.24 branch July 15, 2025 08:23
@github-actions github-actions bot locked and limited conversation to collaborators Jul 15, 2025
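
The PR description says detached signatures let users verify the integrity and authenticity of downloaded binaries. The following is an added example of that consumer-side check, not code from this PR or from the Coder project: it verifies a detached signature against a dedicated keyring and pins the signer's primary-key fingerprint. The file paths, keyring path and fingerprint passed to `verify_pinned` are assumptions that the caller supplies.

```shell
#!/bin/sh
# Added example (not from the PR): verify a detached GPG signature and pin the
# signer's primary-key fingerprint instead of trusting "any key in my keyring".

# Read `gpg --status-fd` lines on stdin and print the fingerprint from the
# first VALIDSIG line: the primary-key fingerprint (field 12) when gpg reports
# it, otherwise the signing-key fingerprint (field 3). Fails if no VALIDSIG.
validsig_primary_fpr() {
  awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" {
         print (NF >= 12 ? $12 : $3); found = 1; exit
       }
       END { exit !found }'
}

# Succeed only if the status stream on stdin carries a VALIDSIG whose
# fingerprint equals $1 (spaces and lowercase hex in $1 are tolerated).
status_matches() (
  want=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
  got=$(validsig_primary_fpr) || exit 1
  [ -n "$want" ] && [ "$got" = "$want" ]
)

# verify_pinned FILE SIG KEYRING FINGERPRINT
#   FILE        downloaded binary (placeholder path chosen by the caller)
#   SIG         its detached signature
#   KEYRING     path (containing a slash) to a keyring file holding only the
#               publisher's public key
#   FINGERPRINT primary-key fingerprint obtained out of band
verify_pinned() (
  file=$1; sig=$2; keyring=$3; want=$4
  # --no-default-keyring: keys in the user's own keyring cannot satisfy the check.
  # A non-zero gpg exit (bad signature, missing key) fails before pinning.
  status=$(gpg --batch --no-default-keyring --keyring "$keyring" \
               --status-fd 1 --verify "$sig" "$file" 2>/dev/null) || exit 1
  printf '%s\n' "$status" | status_matches "$want"
)
```

Pinning the primary-key fingerprint means a signature made by any other key, even one that happens to be present in the keyring, is rejected.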