mirror of
https://github.com/crazy-max/ghaction-import-gpg.git
synced 2025-01-18 13:54:47 +01:00
Enable signing for Git commits and tags (#4)
This commit is contained in:
parent
becd8c1b3b
commit
feede15671
6 changed files with 97 additions and 1 deletions
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
|
@ -35,6 +35,8 @@ jobs:
|
||||||
-
|
-
|
||||||
name: Import GPG key
|
name: Import GPG key
|
||||||
uses: ./
|
uses: ./
|
||||||
|
with:
|
||||||
|
git_gpgsign: true
|
||||||
env:
|
env:
|
||||||
SIGNING_KEY: ${{ secrets.SIGNING_KEY_TEST }}
|
SIGNING_KEY: ${{ secrets.SIGNING_KEY_TEST }}
|
||||||
PASSPHRASE: ${{ secrets.PASSPHRASE_TEST }}
|
PASSPHRASE: ${{ secrets.PASSPHRASE_TEST }}
|
||||||
|
|
13
README.md
13
README.md
|
@ -17,6 +17,7 @@ If you are interested, [check out](https://git.io/Je09Y) my other :octocat: GitH
|
||||||
* Works on Linux and MacOS [virtual environments](https://help.github.com/en/articles/virtual-environments-for-github-actions#supported-virtual-environments-and-hardware-resources)
|
* Works on Linux and MacOS [virtual environments](https://help.github.com/en/articles/virtual-environments-for-github-actions#supported-virtual-environments-and-hardware-resources)
|
||||||
* Allow to seed the internal cache of `gpg-agent` with provided passphrase
|
* Allow to seed the internal cache of `gpg-agent` with provided passphrase
|
||||||
* Purge imported GPG key and cache information from runner (security)
|
* Purge imported GPG key and cache information from runner (security)
|
||||||
|
* Enable signing for Git commits and tags
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
|
@ -36,7 +37,9 @@ jobs:
|
||||||
uses: actions/checkout@v2
|
uses: actions/checkout@v2
|
||||||
-
|
-
|
||||||
name: Import GPG key
|
name: Import GPG key
|
||||||
uses: crazy-max/ghaction-import-gpg@master
|
uses: crazy-max/ghaction-import-gpg@v1
|
||||||
|
with:
|
||||||
|
git_gpgsign: true
|
||||||
env:
|
env:
|
||||||
SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
|
SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
|
||||||
PASSPHRASE: ${{ secrets.PASSPHRASE }}
|
PASSPHRASE: ${{ secrets.PASSPHRASE }}
|
||||||
|
@ -44,6 +47,14 @@ jobs:
|
||||||
|
|
||||||
## Customizing
|
## Customizing
|
||||||
|
|
||||||
|
### inputs
|
||||||
|
|
||||||
|
Following inputs can be used as `step.with` keys
|
||||||
|
|
||||||
|
| Name | Type | Description |
|
||||||
|
|----------------------|---------|----------------------------------------------------------|
|
||||||
|
| `git_gpgsign` | Bool | Enable signing for this Git repository (default `false`) |
|
||||||
|
|
||||||
### environment variables
|
### environment variables
|
||||||
|
|
||||||
Following environment variables can be used as `step.env` keys
|
Following environment variables can be used as `step.env` keys
|
||||||
|
|
|
@ -6,6 +6,11 @@ branding:
|
||||||
color: 'yellow'
|
color: 'yellow'
|
||||||
icon: 'lock'
|
icon: 'lock'
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
git_gpgsign:
|
||||||
|
description: 'Enable signing for this Git repository'
|
||||||
|
default: 'false'
|
||||||
|
|
||||||
runs:
|
runs:
|
||||||
using: 'node12'
|
using: 'node12'
|
||||||
main: 'dist/index.js'
|
main: 'dist/index.js'
|
||||||
|
|
53
dist/index.js
generated
vendored
53
dist/index.js
generated
vendored
|
@ -1015,6 +1015,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
||||||
};
|
};
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
Object.defineProperty(exports, "__esModule", { value: true });
|
||||||
const core = __importStar(__webpack_require__(470));
|
const core = __importStar(__webpack_require__(470));
|
||||||
|
const git = __importStar(__webpack_require__(453));
|
||||||
const gpg = __importStar(__webpack_require__(207));
|
const gpg = __importStar(__webpack_require__(207));
|
||||||
const openpgp = __importStar(__webpack_require__(781));
|
const openpgp = __importStar(__webpack_require__(781));
|
||||||
const stateHelper = __importStar(__webpack_require__(153));
|
const stateHelper = __importStar(__webpack_require__(153));
|
||||||
|
@ -1059,6 +1060,11 @@ function run() {
|
||||||
core.debug(stdout);
|
core.debug(stdout);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
if (/true/i.test(core.getInput('git_gpgsign'))) {
|
||||||
|
core.info('💎 Enable signing for this Git repository');
|
||||||
|
yield git.enableCommitGpgsign();
|
||||||
|
yield git.setUserSigningkey(privateKey.keyID);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
catch (error) {
|
catch (error) {
|
||||||
core.setFailed(error.message);
|
core.setFailed(error.message);
|
||||||
|
@ -1378,6 +1384,53 @@ function escapeProperty(s) {
|
||||||
}
|
}
|
||||||
//# sourceMappingURL=command.js.map
|
//# sourceMappingURL=command.js.map
|
||||||
|
|
||||||
|
/***/ }),
|
||||||
|
|
||||||
|
/***/ 453:
|
||||||
|
/***/ (function(__unusedmodule, exports, __webpack_require__) {
|
||||||
|
|
||||||
|
"use strict";
|
||||||
|
|
||||||
|
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
||||||
|
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
||||||
|
return new (P || (P = Promise))(function (resolve, reject) {
|
||||||
|
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
||||||
|
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
||||||
|
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
||||||
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
||||||
|
});
|
||||||
|
};
|
||||||
|
var __importStar = (this && this.__importStar) || function (mod) {
|
||||||
|
if (mod && mod.__esModule) return mod;
|
||||||
|
var result = {};
|
||||||
|
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
|
||||||
|
result["default"] = mod;
|
||||||
|
return result;
|
||||||
|
};
|
||||||
|
Object.defineProperty(exports, "__esModule", { value: true });
|
||||||
|
const exec = __importStar(__webpack_require__(807));
|
||||||
|
const git = (args = []) => __awaiter(void 0, void 0, void 0, function* () {
|
||||||
|
return yield exec.exec(`git`, args, true).then(res => {
|
||||||
|
if (res.stderr != '' && !res.success) {
|
||||||
|
throw new Error(res.stderr);
|
||||||
|
}
|
||||||
|
return res.stdout.trim();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
function enableCommitGpgsign() {
|
||||||
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
|
yield git(['config', 'commit.gpgsign', 'true']);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
exports.enableCommitGpgsign = enableCommitGpgsign;
|
||||||
|
function setUserSigningkey(keyid) {
|
||||||
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
|
yield git(['config', 'user.signingkey', keyid]);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
exports.setUserSigningkey = setUserSigningkey;
|
||||||
|
|
||||||
|
|
||||||
/***/ }),
|
/***/ }),
|
||||||
|
|
||||||
/***/ 470:
|
/***/ 470:
|
||||||
|
|
18
src/git.ts
Normal file
18
src/git.ts
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
import * as exec from './exec';
|
||||||
|
|
||||||
|
const git = async (args: string[] = []): Promise<string> => {
|
||||||
|
return await exec.exec(`git`, args, true).then(res => {
|
||||||
|
if (res.stderr != '' && !res.success) {
|
||||||
|
throw new Error(res.stderr);
|
||||||
|
}
|
||||||
|
return res.stdout.trim();
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
export async function enableCommitGpgsign(): Promise<void> {
|
||||||
|
await git(['config', 'commit.gpgsign', 'true']);
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function setUserSigningkey(keyid: string): Promise<void> {
|
||||||
|
await git(['config', 'user.signingkey', keyid]);
|
||||||
|
}
|
|
@ -1,4 +1,5 @@
|
||||||
import * as core from '@actions/core';
|
import * as core from '@actions/core';
|
||||||
|
import * as git from './git';
|
||||||
import * as gpg from './gpg';
|
import * as gpg from './gpg';
|
||||||
import * as openpgp from './openpgp';
|
import * as openpgp from './openpgp';
|
||||||
import * as stateHelper from './state-helper';
|
import * as stateHelper from './state-helper';
|
||||||
|
@ -50,6 +51,12 @@ async function run(): Promise<void> {
|
||||||
core.debug(stdout);
|
core.debug(stdout);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (/true/i.test(core.getInput('git_gpgsign'))) {
|
||||||
|
core.info('💎 Enable signing for this Git repository');
|
||||||
|
await git.enableCommitGpgsign();
|
||||||
|
await git.setUserSigningkey(privateKey.keyID);
|
||||||
|
}
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
core.setFailed(error.message);
|
core.setFailed(error.message);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Reference in a new issue