Skip to content

OIDC URL is ignored in SigningConfig #1371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
haydentherapper opened this issue May 7, 2025 · 1 comment · Fixed by #1363
Closed

OIDC URL is ignored in SigningConfig #1371

haydentherapper opened this issue May 7, 2025 · 1 comment · Fixed by #1363
Labels
bug Something isn't working

Comments

@haydentherapper
Copy link
Contributor

Description

Version

Specified the following SigningConfig in a ClientTrustConfig:

  "signingConfig": {
    "ca_url": "https://fulcio.sigstage.dev",
    "oidc_url": "https://oauth2.sigstage.dev/auth",
    "tlog_urls": [
      "https://rekor.sigstage.dev"
    ],
    "tsa_urls": [
      "https://timestamp.sigstage.dev/api/v1/timestamp"
    ]
  }

The OIDC URL was ignored, and defaulted to prod. To work around this, I provided an identity token obtained out of band.
@haydentherapper haydentherapper added the bug Something isn't working label May 7, 2025
@jku
Copy link
Member

jku commented May 8, 2025
edited
Loading

Should get fixed in #1363

@haydentherapper haydentherapper mentioned this issue May 9, 2025
Merged
@jku jku closed this as completed in #1363 May 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use trust config everywhere jku/sigstore-python
2 participants
@jku @haydentherapper