GitHub Integrations for securing Container Registries with Decentralized Identifiers & Verifiable Credentials

Friends,

I wanted to share some updates I made to the GitHub Action we created for
working with DIDs and VCs in GitHub Workflows.

https://github.com/transmute-industries/public-credential-registry-template/blob/main/docs/public-container-registry.md

This is a demo / PoC... and it's got a bunch of security issues...

If you didn't trust GitHub, you could technically implement this all
yourself, with your corporate website, a Jenkins build server, and your
favorite container registry, but GitHub sure has made everything nice and
centralized and easy :)

TLDR:

- Creating Container Revision VCs with DID Web in a GitHub Action
- Uploading the VC-JWT for the signed revision as a label to GitHub Container Registry
- Pulling the latest container registry tag and checking the VC for the revision.

Because VC-JWT is basically just a boring JWT with some extra semantic
sugar, off-the-shelf libraries can be used; see the "direct link" at the
bottom of the readme link above.

Regards,

OS
-- 
*ORIE STEELE*
Chief Technical Officer
www.transmute.industries

Received on Sunday, 20 March 2022 21:11:07 UTC
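
The check described in the TLDR (pull the tag, read the VC-JWT from the label, verify it for the revision), as an added example that is not part of the original message or the Transmute action. It assumes an EdDSA-signed VC-JWT, a did:web document that has already been resolved, a hypothetical label key `vc.example.revision`, and a hypothetical `credentialSubject.revision` claim; the key, DID and revision are constructed sample data.

```javascript
const crypto = require("crypto");

const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
const dec = (seg) => JSON.parse(Buffer.from(seg, "base64url").toString("utf8"));

// Verify a compact VC-JWT against an already-resolved DID document, then bind it
// to the revision that was actually pulled. Returns the payload or throws.
function verifyRevisionVc(jwt, didDoc, pulledRevision) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWS");
  const [h, p, s] = parts;
  const header = dec(h);
  // Pin the algorithm: never let the token choose it (rejects "none" and HS256).
  if (header.alg !== "EdDSA") throw new Error("unexpected alg");
  // The key must come from the issuer's DID document, not from the token.
  const vm = (didDoc.verificationMethod || []).find((m) => m.id === header.kid);
  if (!vm) throw new Error("kid not found in DID document");
  const key = crypto.createPublicKey({ key: vm.publicKeyJwk, format: "jwk" });
  const sig = Buffer.from(s, "base64url");
  if (!crypto.verify(null, Buffer.from(`${h}.${p}`), key, sig)) throw new Error("bad signature");
  const payload = dec(p);
  if (payload.iss !== didDoc.id) throw new Error("issuer mismatch");
  // Assumed claim layout: vc.credentialSubject.revision holds the signed revision.
  const subject = (payload.vc || {}).credentialSubject || {};
  if (subject.revision !== pulledRevision) throw new Error("VC does not cover the pulled revision");
  return payload;
}

// Constructed sample data: throwaway key, example DID, made-up revision digest.
const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
const did = "did:web:registry.example";
const didDoc = { id: did, verificationMethod: [{
  id: `${did}#key-0`, type: "JsonWebKey2020", controller: did,
  publicKeyJwk: publicKey.export({ format: "jwk" }) }] };

// Issuer side, as the build workflow would do it before labelling the image.
function issue(revision, header = { alg: "EdDSA", kid: `${did}#key-0` }) {
  const vc = { "@context": ["https://www.w3.org/2018/credentials/v1"],
    type: ["VerifiableCredential"], credentialSubject: { revision } };
  const body = `${enc(header)}.${enc({ iss: did, vc })}`;
  return `${body}.${crypto.sign(null, Buffer.from(body), privateKey).toString("base64url")}`;
}

const revision = "sha256:" + "ab".repeat(32);
const labels = { "vc.example.revision": issue(revision) }; // hypothetical label key
console.log(verifyRevisionVc(labels["vc.example.revision"], didDoc, revision).iss);
```

A valid signature alone is not enough here: the final comparison is what stops a correctly signed VC for an older revision from being accepted when it is copied onto a different image.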