I used signatures to secure my yml files, but in the drone I still had to manually approve them every time. What went wrong?
my .drone.yml :
kind: template load: build-node.yaml name: test-pipeline
the signed document
--- kind: template load: build-node.yaml name: test-pipeline --- kind: signature hmac: 20afe7b91d4b194601f82ef36433af167cf8fb685f32c2a24f48412ed44f9a31 ...
Well, I’ve found that not using templates is normal. Using template signatures is problematic.