Skip to content

add support for new circleci root issuer#2278

Merged
Hayden-IO merged 2 commits into
sigstore:mainfrom
meeech:circleci-root-iss
Jan 29, 2026
Merged

add support for new circleci root issuer#2278
Hayden-IO merged 2 commits into
sigstore:mainfrom
meeech:circleci-root-iss

Conversation

@meeech

@meeech meeech commented Jan 28, 2026

Copy link
Copy Markdown
Contributor

Summary

You can now generate a oidc token from circleci with a root issuer - oidc.circleci.com

updated the oid-info as well to reference a new easier path to the job that generated the token

Release Note

  • Add a root issuer to the config for circleci

@meeech meeech requested a review from a team as a code owner January 28, 2026 23:44
@meeech

meeech commented Jan 28, 2026

Copy link
Copy Markdown
Contributor Author

relates to
pypi/warehouse#19349 and
di/id#438

because for python trusted publishing we will only be using root issuer

meeech added 2 commits January 28, 2026 18:47
@meeech
feat: add new root issuer for circleci
58e767b 
Signed-off-by: meeech <4623+meeech@users.noreply.github.com>
@meeech
Update the info to take into account new easier to work with redirect
7be7ea5 
Before we were pointing to an API endpoint where you would get all the jobs in that workflow, and then you could manually find the job in the list.

We've since introduced an easier redirect way of going via the front end.

I think this is better. Nothing changes about the other API based info to lookup

https://app.circleci.com/workflow/{workflow-uuid}/job/{job-uuid}
Signed-off-by: meeech <4623+meeech@users.noreply.github.com>
@meeech meeech force-pushed the circleci-root-iss branch from f971e5c to 7be7ea5 Compare January 28, 2026 23:47
@codecov

codecov Bot commented Jan 28, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 44.96%. Comparing base (cf238ac) to head (7be7ea5).
⚠️ Report is 547 commits behind head on main.

Additional details and impacted files 
@@             Coverage Diff             @@
##             main    #2278       +/-   ##
===========================================
- Coverage   57.93%   44.96%   -12.98%     
===========================================
  Files          50       72       +22     
  Lines        3119     4686     +1567     
===========================================
+ Hits         1807     2107      +300     
- Misses       1154     2343     +1189     
- Partials      158      236       +78

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Hayden-IO
Hayden-IO approved these changes Jan 29, 2026
View reviewed changes

@Hayden-IO Hayden-IO left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! I'll get this rolled out to staging and prod tomorrow.

@Hayden-IO Hayden-IO merged commit 001376a into sigstore:main Jan 29, 2026
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Hayden-IO Hayden-IO Hayden-IO approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@meeech @Hayden-IO