Warning: Unable to verify the Yaml signature

by bradrydzewski

Drone secrets are exposed to a build iff the .drone.yml signature can be verified. When signature verification fails the below message is displayed.

WARNING: unable to verify the Yaml signature

The above warning is the usually the result of updates to the .drone.yml file causing the signature to fail. You should therefore update the signature every time you update the Yaml file.

drone sign octocat/hello-world

Commit the updated signature to your GitHub repository:

git add .drone.yml.sig
git commit -m "updated yaml signature"