From c40c3a0fd51235d81b93fa8d83615f9d66bac1e5 Mon Sep 17 00:00:00 2001
From: Jan Willhaus <mail@janwillhaus.de>
Date: Mon, 22 Jan 2024 23:09:21 +0100
Subject: [PATCH] build: Add key import to sign releases

---
 .github/workflows/bump-version.yaml | 54 ++++++++++++++++++++---------
 1 file changed, 37 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/bump-version.yaml b/.github/workflows/bump-version.yaml
index 82c0609..56f708b 100644
--- a/.github/workflows/bump-version.yaml
+++ b/.github/workflows/bump-version.yaml
@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+      - add-signing-key
 
 jobs:
   bump-version:
@@ -16,23 +17,42 @@ jobs:
         with:
           token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
           fetch-depth: 0
-          # Must include all files from pyproject.toml's tool.commitizen.version_files
-          sparse-checkout: |
-            pyproject.toml
-            podcast_archiver/__init__.py
-            README.md
-            CHANGELOG.md
-          sparse-checkout-cone-mode: false
+          # # Must include all files from pyproject.toml's tool.commitizen.version_files
+          # sparse-checkout: |
+          #   pyproject.toml
+          #   podcast_archiver/__init__.py
+          #   README.md
+          #   CHANGELOG.md
+          # sparse-checkout-cone-mode: false
 
-      - name: Create bump and changelog
-        uses: commitizen-tools/commitizen-action@master
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@v6
         with:
-          github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
-          changelog_increment_filename: body.md
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+          git_tag_gpgsign: true
+          fingerprint: 2B939A343491740FE1483E5C41E311388E4BB349
 
-      - name: Create GitHub release
-        uses: ncipollo/release-action@v1
-        with:
-          tag: v${{ env.REVISION }}
-          bodyFile: "body.md"
-          skipIfReleaseExists: true
+      - name: List keys
+        run: gpg -K
+
+      - run : 'echo testing > file.txt'
+      - run: git add -f file.txt
+      - run: git commit
+      - run: git show
+      - run: git verify-commit HEAD
+
+      # - name: Create bump and changelog
+      #   uses: commitizen-tools/commitizen-action@master
+      #   with:
+      #     github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+      #     changelog_increment_filename: body.md
+
+      # - name: Create GitHub release
+      #   uses: ncipollo/release-action@v1
+      #   with:
+      #     tag: v${{ env.REVISION }}
+      #     bodyFile: "body.md"
+      #     skipIfReleaseExists: true