Trusted Publishing support for GitLab CI #11987
Description
Similar to GitHub Actions, GitLab CI also supports OIDC authentication (see https://docs.gitlab.com/ci/secrets/id_token_authentication/). This issue tracks the work that is necessary to build Trusted Publishing support for it.
Steps
- Implement backend support in crates.io
- Add database table for GitLab CI trusted publishing configs (database: Add
trustpub_configs_gitlabtable #11988) - Adjust token exchange API endpoint to support GitLab CI OIDC authentication (trustpub/tokens/exchange: Implement GitLab CI support #12026)
- Implement API endpoint to create GitLab CI trusted publishing configs (incl. email notification) (trustpub: Implement
POST /api/v1/trusted_publishing/gitlab_configsAPI endpoint #12268) - Implement API endpoint to delete GitLab CI trusted publishing config (incl. email notification)
- Implement API endpoint to list GitLab CI trusted publishing configs
- Adjust
trustpub_config_created/deletedemails to support GitLab CI configurations (trustpub/emails: Add support for GitLab configs #12048) - Adjust
SendPublishNotificationsbackground job to show GitLab CI information
- Add database table for GitLab CI trusted publishing configs (database: Add
- Implement frontend UI in crates.io
- Adjust trusted publishing configs list to include GitLab CI configs
- Adjust trusted publishing config creation form to support GitLab CI configs
- Implement button to delete GitLab CI trusted publishing configs
- Adjust
versionmodel to support GitLab CI intrustpubPublisherandtrustpubUrlfields - Adjust
VersionListcomponent to show GitLab icons - Write documentation for the Trusted Publishing feature
- Figure out how to use it on the GitLab CI side