Skip to main content

diagrid workflow archive trust-anchor

Print the region's Sentry CA trust anchor for a project

Description

Print the region's Sentry CA trust anchor (PEM) for a project.

This is the trust bundle that anchors the signing certificates in workflow history archives. Use it to verify archives offline:

diagrid workflow archive trust-anchor -p my-project > sentry-ca.pem diagrid workflow archive verify wf-123.json --trust-anchor sentry-ca.pem

Note: this returns the current trust anchor. Because Sentry roots rotate, it verifies recently-produced archives; verifying older archives may require the trust anchor that was current when they were produced.

diagrid workflow archive trust-anchor [flags]

Examples


# Print the trust anchor to stdout
diagrid workflow archive trust-anchor -p my-project

# Save it to a file
diagrid workflow archive trust-anchor -p my-project --out sentry-ca.pem

Options

-p, --project string Name of existing project
--out string Write the PEM bundle to this file instead of stdout
-h, --help help for trust-anchor

Options inherited from parent commands

--api-key string Diagrid Cloud API key

SEE ALSO