Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[OIDC] User docs #13285

Merged
merged 34 commits into from
Mar 28, 2023
Merged

[OIDC] User docs #13285

merged 34 commits into from
Mar 28, 2023

Conversation

woodruffw
Copy link
Member

@woodruffw woodruffw commented Mar 23, 2023
edited
Loading

This is an import of the private OIDC user docs, broken up into individual subpages.

@woodruffw
docs/user: OIDC doc skeleton
480595b 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs/user: dump the OIDC docs in
75ef2ce 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
OIDC publishing: retitle
8f78f48 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: recase
73aaf16 
Signed-off-by: William Woodruff <william@trailofbits.com>
@hugovk
Copy link
Contributor

hugovk commented Mar 23, 2023

There's both a docs/user/OIDC-publishing/index.md and docs/user/oidc-publishing/index.md here, causing duplication: https://docspypiorg--13285.org.readthedocs.build/

image

73aaf16 was a cp not a mv?

@woodruffw
Copy link
Member Author

73aaf16 was a cp not a mv?

Blegh, this is a macOS case thing -- I only have one of these directories locally. I'll fix it.

@woodruffw
docs: remove misbehaving directory
33f20df 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: fixup
475c070 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: fix images
dd1438f 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
user/main: remove unused macro
9d3d9b9 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw marked this pull request as ready for review March 23, 2023 17:20
@woodruffw woodruffw requested a review from a team as a code owner March 23, 2023 17:20
@woodruffw
docs: subpages!
23a7a45 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
mkdocs: add nav
717b5c8 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: fix headers, use breakout
0a310a4 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: add missing preview breakout
0c5ec4a 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw requested review from ewdurbin and di March 23, 2023 18:11
@woodruffw woodruffw self-assigned this Mar 23, 2023
hugovk
hugovk reviewed Mar 23, 2023
View reviewed changes
docs/user/OIDC-publishing/index.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/adding-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/using-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/security-model.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/security-model.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/troubleshooting.md Outdated Show resolved Hide resolved
hugovk and others added 3 commits March 23, 2023 22:29
@hugovk
Losslessly squash assets by ~40%
d710805
@woodruffw @hugovk
Apply suggestions from code review
2bf8a48 
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
@woodruffw @hugovk
Update docs/user/OIDC-publishing/adding-a-publisher.md
e90802a 
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
@hugovk hugovk mentioned this pull request Mar 23, 2023
Merged
@woodruffw
Merge pull request #1623 from hugovk/13285-squash-pngs
7e4c4d5 
Losslessly squash assets by ~40%
di
di reviewed Mar 24, 2023
View reviewed changes
Copy link
Member

@di di left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At a high level: I think I want to avoid using the "OIDC" acronym as much as possible, and instead rebrand this as "trusted publishing" or "trusted publishers". The few exceptions are when we explain in detail how this works in the background, and security model.

Aside from a lot of nits, this looks great!

docs/user/main.py Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/adding-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/adding-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/adding-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/adding-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/using-a-publisher.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/using-a-publisher.md Outdated Show resolved Hide resolved
mkdocs-user-docs.yml Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/index.md Outdated Show resolved Hide resolved
docs/user/OIDC-publishing/index.md Outdated Show resolved Hide resolved
woodruffw and others added 8 commits March 23, 2023 23:04
@woodruffw @di
Apply suggestions from code review
8a417bf 
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
@woodruffw @di
Apply suggestions from code review
e408cb7 
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
@woodruffw @di
Update docs/user/main.py
e172c99 
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
@woodruffw
docs: rename entire tree
ab13e65 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: remove "above" ref
77fdaf5 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: OIDC -> trusted
2ac579a 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: emphasize permission preference
83790a8
@woodruffw
docs: add a diff
62d8aaa
@woodruffw
Copy link
Member Author

Let me know if you'd like me to update the screenshots as well: a few of them reference my account or pip-audit as well; I can make them generic instead.

@woodruffw
docs: document risks with untrusted committers
c9e37a0 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: remove ref to beta
c69eac5 
Unnecessary in this context.

Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
Copy link
Member Author

At a high level: I think I want to avoid using the "OIDC" acronym as much as possible, and instead rebrand this as "trusted publishing" or "trusted publishers". The few exceptions are when we explain in detail how this works in the background, and security model.

Makes sense! I've removed a few other refs to "OIDC", but preserved all of the ones under the security model and low level use section.

@di
Copy link
Member

di commented Mar 24, 2023

Yeah, I do think we should update the screenshots to refer to sampleproject as well, but I that your username is probably fine.

hugovk
hugovk reviewed Mar 24, 2023
View reviewed changes
Copy link
Contributor

@hugovk hugovk left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nits for consistent page titles:

Details

image

docs/user/trusted-publishers/index.md Outdated Show resolved Hide resolved
docs/user/trusted-publishers/adding-a-publisher.md Outdated Show resolved Hide resolved
docs/user/trusted-publishers/creating-a-project-through-oidc.md Outdated Show resolved Hide resolved
docs/user/trusted-publishers/security-model.md Outdated Show resolved Hide resolved
di and others added 2 commits March 24, 2023 11:06
@di @hugovk
Apply suggestions from code review
ae693ba 
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
@woodruffw
docs: use a canonical PyPI project name
f21748b 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
docs: more picture updates
a7f63b9 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
Merge remote-tracking branch 'upstream/main' into tob-oidc-user-docs
3051803 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw requested a review from di March 25, 2023 01:30
@di di enabled auto-merge (squash) March 28, 2023 20:55
@di di merged commit bf19fdb into pypi:main Mar 28, 2023
@di di deleted the tob-oidc-user-docs branch March 28, 2023 21:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hugovk hugovk hugovk left review comments

@di di di approved these changes

@ewdurbin ewdurbin Awaiting requested review from ewdurbin

Assignees

@woodruffw woodruffw

Labels
documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@woodruffw @hugovk @di @ewdurbin