Skip to content

Commit

Permalink
Fix: signing options are used incorrectly
Browse files Browse the repository at this point in the history
The release.yml cannot access secrets directly instead they must be
passed.
  • Loading branch information
nichtsfrei committed Mar 13, 2024
1 parent 22c10ad commit 6a404e9
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/control.yml
Original file line number Diff line number Diff line change
Expand Up @@ -103,3 +103,5 @@ jobs:
token: ${{ secrets.GREENBONE_BOT_TOKEN }}
name: ${{ secrets.GREENBONE_BOT }}
email: ${{ secrets.GREENBONE_BOT_MAIL }}
gpg_key: ${{ secrets.GPG_KEY }}
gpg_pass: ${{ secrets.GPG_PASSPHRASE }}
8 changes: 6 additions & 2 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,10 @@ on:
required: true
email:
required: true
gpg_key:
required: true
gpg_pass:
required: true


# This job first determines the target branch of the closed pull request. If the target branch is "main",
Expand Down Expand Up @@ -129,8 +133,8 @@ jobs:
export filename="$PROJECT-$nrn"
curl -sfSL --retry 3 --retry-connrefused --retry-delay 2 -o assets/$filename.zip https://github.com/${{ github.repository }}/archive/refs/tags/$nrn.zip
curl -sfSL --retry 3 --retry-connrefused --retry-delay 2 -o assets/$filename.tar.gz https://github.com/${{ github.repository }}/archive/refs/tags/$nrn.tar.gz
echo -e "${{ secrets.GPG_KEY }}" > private.pgp
echo ${{ secrets.GPG_PASSPHRASE }} | bash .github/sign-assets.sh private.pgp
echo -e "${{ secrets.gpg_key }}" > private.pgp
echo ${{ secrets.gpg_pass }} | bash .github/sign-assets.sh private.pgp
rm assets/$filename.zip
rm assets/$filename.tar.gz
gh release upload $nrn assets/*

0 comments on commit 6a404e9

Please sign in to comment.