Skip to content
/ spiffe-github-actions Public

POC to enable SPIFFE on Github Actions

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

arndt-s/spiffe-github-actions

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
.devcontainer
.devcontainer
 
 
.github
.github
 
 
action
action
 
 
agent
agent
 
 
protos
protos
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
action.yaml
action.yaml
 
 

Repository files navigation

spiffe-github-actions

Proof of concept to offer a SPIFFE Workload Endpoint on Github Actions.

If the internet has led you here and you are interested in using SPIFFE in Github Actions feel free to contact me at [email protected].

Scope

  • Code focuses on the SPIFFE part only.
  • Code does NOT validate the Github ID Token.
  • Code only issues a dummy JWT-SVID.

Limitations

  • Github service containers don't have access to the ID token. The init step & corresponding gRPC API is used to initialize the service container with an ID token obtained from the main job.
  • Will only work in Linux. Did not test MacOS runners.

About

POC to enable SPIFFE on Github Actions

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages