From 904025a6544e014e3bb77657b60ff9acb75b27e7 Mon Sep 17 00:00:00 2001 From: Ingrid Crant Date: Tue, 2 Apr 2024 13:49:50 -0400 Subject: [PATCH 1/2] create contributing.md --- CONTRIBUTING.md | 50 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..855241d --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,50 @@ +# Contributing + +Thank you for your interest in contributing to the 1Password load-secrets-action project 👋! Before you start, please take a moment to read through this guide to understand our contribution process. + +## Testing + +After following the steps below for signing commits, you can test against your PR with these steps: + +1. Create or use an existing repo to run the `load-secrets` GitHub Action +2. In a workflow yaml file that uses the GitHub Action, modify the `uses: 1Password/load-secrets-action` line to be + + ``` + uses: 1Password/load-secrets-action@ + + # OR + + uses: 1Password/load-secrets-action@ + ``` + +3. Trigger the action, which now includes your changes + +## Documentation Updates + +If applicable, update the [README.md](./README.md) to reflect any changes introduced by the new code. + +## Sign your commits + +To get your PR merged, we require you to sign your commits. + +### Sign commits with 1Password + +You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process. + +Learn how to use [1Password to sign your commits](https://developer.1password.com/docs/ssh/git-commit-signing/). + +### Sign commits with ssh-agent + +Follow the steps below to set up commit signing with `ssh-agent`: + +1. [Generate an SSH key and add it to ssh-agent](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) +2. [Add the SSH key to your GitHub account](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account) +3. [Configure git to use your SSH key for commits signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-ssh-key) + +### Sign commits with gpg + +Follow the steps below to set up commit signing with `gpg`: + +1. [Generate a GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key) +2. [Add the GPG key to your GitHub account](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account) +3. [Configure git to use your GPG key for commits signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-gpg-key) \ No newline at end of file From a8494ee4380cdfb38a90eafab751b6725806f79f Mon Sep 17 00:00:00 2001 From: Ingrid Crant Date: Wed, 3 Apr 2024 12:11:53 -0400 Subject: [PATCH 2/2] contributing.md changes --- CONTRIBUTING.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 855241d..5985503 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,21 +3,22 @@ Thank you for your interest in contributing to the 1Password load-secrets-action project 👋! Before you start, please take a moment to read through this guide to understand our contribution process. ## Testing +Unit tests can be run with `npm run test`. After following the steps below for signing commits, you can test against your PR with these steps: -1. Create or use an existing repo to run the `load-secrets` GitHub Action +1. Create or use an existing repo to run the `load-secrets` GitHub Action. 2. In a workflow yaml file that uses the GitHub Action, modify the `uses: 1Password/load-secrets-action` line to be - ``` - uses: 1Password/load-secrets-action@ + ```yaml + uses: 1Password/load-secrets-action@ + ``` + OR + ```yaml + uses: 1Password/load-secrets-action@ + ``` - # OR - - uses: 1Password/load-secrets-action@ - ``` - -3. Trigger the action, which now includes your changes +3. Trigger the action, which now includes your changes. ## Documentation Updates