It's good to have talented people around whom I can learn from and move forward with as an antidote to my frequent stinkn' thinkin'. -Brent Shambaugh GitHub: https://github.com/bshambaugh Website: http://bshambaugh.org/ LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259 Skype: brent.shambaugh Twitter: https://twitter.com/Brent_Shambaugh WebID: http://bshambaugh.org/foaf.rdf#me On Sat, Mar 26, 2022 at 1:05 PM Kim Hamilton <kimdhamilton@gmail.com> wrote: > Really nice work Orie! > > On Sun, Mar 20, 2022 at 2:11 PM Orie Steele <orie@transmute.industries> > wrote: > >> Friends, >> >> I wanted to share some updates I made to the github action we created for >> working with DIDs and VCs in GitHub Workflows. >> >> >> https://github.com/transmute-industries/public-credential-registry-template/blob/main/docs/public-container-registry.md >> >> This is a demo / PoC... and it's got a bunch of security issues... >> >> If you didn't trust GitHub, you could technically implement this all >> yourself, with your corporate website, a jenkins build server, and your >> favorite container registry, but GitHub sure has made everything nice and >> centralized and easy :) >> >> TLDR: >> >> - Creating Container Revision VCs with DID Web in a GitHub Action >> - Uploading the VC-JWT for the signed revision as a label to GitHub >> Container Registry >> - Pulling the latest container registry tag and checking the vc for the >> revision. >> >> Because VC-JWT is basically just a boring JWT with some extra semantic >> sugar, off the shelf libraries can be used, see the "direct link" at the >> bottom of the readme link above. >> >> Regards, >> >> OS >> -- >> *ORIE STEELE* >> Chief Technical Officer >> www.transmute.industries >> >> <https://www.transmute.industries> >> >
Received on Saturday, 26 March 2022 18:12:53 UTC