Invalid signature

Bluebang · March 1, 2023, 2:20pm

hi all，
I used signatures to secure my yml files, but in the drone I still had to manually approve them every time. What went wrong?

my .drone.yml :

kind: template
load: build-node.yaml
name: test-pipeline

the signed document

---
kind: template
load: build-node.yaml
name: test-pipeline
---
kind: signature
hmac: 20afe7b91d4b194601f82ef36433af167cf8fb685f32c2a24f48412ed44f9a31

...

update:
Well, I’ve found that not using templates is normal. Using template signatures is problematic.

Bluebang · March 1, 2023, 2:36pm

@bradrydzewski Great summoning！

Bluebang · March 4, 2023, 6:30am

some body help ?

jimsheldon · March 10, 2023, 9:26pm

My guess is that signatures cannot be combined with templates, I am trying to verify this.

Bluebang · March 11, 2023, 12:40pm

It is said that you can validate yml files using custom services, but this adds another layer of complexity. I still want the template and signature to be used together.

Topic		Replies	Views
Signed drone file invalid after using an extension Drone Support	2	266	March 10, 2020
Using templates with protected repositories does not work correctly Drone Bugs	2	426	March 1, 2023
Error: "Schema Validation: Value should be one of "Signature","Secret"" Drone Support	2	273	June 29, 2020
Question about signing .drone.yaml Drone Support	6	1169	January 11, 2019
Planning to eliminate the signature file Drone Support	1	500	March 19, 2017

Invalid signature

Related topics