mirror of
https://codeberg.org/forgejo/docs.git
synced 2024-11-21 17:36:59 -05:00
developer: release: octopuce is not publicly visible
This commit is contained in:
parent
51a1f2951e
commit
06233a63cd
1 changed files with 3 additions and 3 deletions
|
@ -150,8 +150,8 @@ The release is built on https://code.forgejo.org/forgejo-integration/runner, whi
|
|||
|
||||
The release is published on
|
||||
https://forgejo.octopuce.forgejo.org/forgejo/runner, which is a mirror
|
||||
of https://code.forgejo.org/forgejo-integration/runner. It is behind a
|
||||
VPN and its role is to copy and sign release artifacts.
|
||||
of https://code.forgejo.org/forgejo-integration/runner. It has no public IP
|
||||
and its role is to copy and sign release artifacts.
|
||||
|
||||
- Binaries are downloaded from https://code.forgejo.org/forgejo-integration/runner, signed and copied to https://code.forgejo.org/forgejo/runner.
|
||||
- Container images are copied from https://code.forgejo.org/forgejo-integration to https://code.forgejo.org/forgejo
|
||||
|
@ -169,7 +169,7 @@ providing the secrets from the command line.
|
|||
|
||||
### Securing the release token and cryptographic keys
|
||||
|
||||
For both the Forgejo runner and Forgejo itself, copying and signing the release artifacts (container images and binaries) happen on a Forgejo isntance running [behind a VPN](../infrastructure/#octopuce) to safeguard the token that has write access to the Forgejo repository as well as the cryptographic key used to sign the releases.
|
||||
For both the Forgejo runner and Forgejo itself, copying and signing the release artifacts (container images and binaries) happen on a Forgejo instance [not publicly accessible](../infrastructure/#octopuce) to safeguard the token that has write access to the Forgejo repository as well as the cryptographic key used to sign the releases.
|
||||
|
||||
### Website update
|
||||
|
||||
|
|
Loading…
Reference in a new issue