From f74adaaf374d7d4a49f82db60957682905481bfa Mon Sep 17 00:00:00 2001 From: Jan Willhaus Date: Mon, 22 Jan 2024 23:09:21 +0100 Subject: [PATCH] build: Add key import to sign releases --- .github/workflows/bump-version.yaml | 40 +++++++++++++++++++++-------- 1 file changed, 30 insertions(+), 10 deletions(-) diff --git a/.github/workflows/bump-version.yaml b/.github/workflows/bump-version.yaml index 82c0609..0b3b54c 100644 --- a/.github/workflows/bump-version.yaml +++ b/.github/workflows/bump-version.yaml @@ -4,6 +4,7 @@ on: push: branches: - main + - add-signing-key jobs: bump-version: @@ -24,15 +25,34 @@ jobs: CHANGELOG.md sparse-checkout-cone-mode: false - - name: Create bump and changelog - uses: commitizen-tools/commitizen-action@master + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 with: - github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - changelog_increment_filename: body.md + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + git_tag_gpgsign: true + fingerprint: 7A1EF19E1F266D03D46BE9F27438C994EFDC613D - - name: Create GitHub release - uses: ncipollo/release-action@v1 - with: - tag: v${{ env.REVISION }} - bodyFile: "body.md" - skipIfReleaseExists: true + - name: List keys + run: gpg -K + + - run : 'echo testing > file.txt' + - run: git add file.txt + - run: git commit + - run: git show + - run: git verify-commit HEAD + + # - name: Create bump and changelog + # uses: commitizen-tools/commitizen-action@master + # with: + # github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + # changelog_increment_filename: body.md + + # - name: Create GitHub release + # uses: ncipollo/release-action@v1 + # with: + # tag: v${{ env.REVISION }} + # bodyFile: "body.md" + # skipIfReleaseExists: true