Skip to main content

Update release settings

A release offers key security by confining their use to specific approved timeframes, sometimes referred to as "release windows." Within these defined timeframes, you can manage keypairs, authorized users that can sign, and the maximum allowable signatures.

  1. In the Software Trust menu, go to Account > Account settings.

  2. In the Account section, select the edit (white_pencil_edit_icon.png) icon.

  3. In the Releases section, make the desired changes:

    Field

    Description

    Comparison matches required

    Comparing releases allows you to confirm that multiple releases have matching code and ensure that no bad actors or software has injected malicious code. Enter a value from 2 through 6 to set the required amount of matches required when completing a release comparison.

    Enable keypair types for releases

    Select or deselect the following types of keypairs that user's are allowed to assign to a release:

    • Online

      Online keypairs can be used to sign at any time.

    • Offline

      Offline keypairs can only be used to sign during a release window.

    • Test

      Test keypairs can only be used for test signing.

    Release purpose

    Select how you would like to use your release workflow:

    • Sign

      Only use the release window to sign.

    • Detect threats

      Only use the release window to perform threat detection scans.

    • Detect threats then sign

      Use the release window to perform threat detection scans and then choose to sign based on the scan status.

    Block signing if the CI/CD status fails

    If the release purpose includes threat detection, select if you want to prevent signing if the threat detection scan status fails:

    • Yes

      Don't allow signing if the threat detection scan fails.

    • No

      Prevent signing if the threat detection scan fails.

    • Specify during release

      Enable the option to select if you want the scan to pass or fail while creating a release.

    Restrict threat detection scans to releases

    Threat detection scans tied to a release triggers the approval process, whereas scans completed outside of a release don't require approval.

    • Yes

      Only allow threat detection scans during a release.

    • No

      Threat detection scans can be completed inside or outside of a release window.

  4. Select Update settings.

In this section: