huoxue1
/
goreleaser-action
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Env var template in signing configuration does not seems to work

This commit is contained in:
CrazyMax 2020-05-10 16:12:19 +02:00
parent c2638bf40c
commit 145323343f
No known key found for this signature in database
GPG Key ID: 3248E46B6BB8C7F7
3 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/ci.yaml vendored
View File

@ -73,7 +73,6 @@ jobs:
go-version: 1.13 go-version: 1.13
- -
name: Import GPG key name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v1 uses: crazy-max/ghaction-import-gpg@v1
env: env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY_TEST }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY_TEST }}
@ -84,13 +83,9 @@ jobs:
with: with:
version: latest version: latest
args: -f .goreleaser-signing.yml check --debug args: -f .goreleaser-signing.yml check --debug
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
- -
name: GoReleaser name: GoReleaser
uses: ./ uses: ./
with: with:
version: latest version: latest
args: -f .goreleaser-signing.yml release --skip-publish --rm-dist args: -f .goreleaser-signing.yml release --skip-publish --rm-dist
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}

2
.goreleaser-signing.yml
View File

@ -37,4 +37,4 @@ checksum:
signs: signs:
- -
artifacts: checksum artifacts: checksum
args: ["--batch", "-u", "{{ .Env.GPG_FINGERPRINT }}", "--output", "${signature}", "--detach-sign", "${artifact}"] args: ["--batch", "-u", "27571A53B86AF0C799B38BA77D851EB72D73BDA0", "--output", "${signature}", "--detach-sign", "${artifact}"]

6
README.md
View File

@ -97,7 +97,6 @@ If [signing is enabled](https://goreleaser.com/customization/#Signing) in your G
```yaml ```yaml
- -
name: Import GPG key name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v1 uses: crazy-max/ghaction-import-gpg@v1
env: env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
@ -110,15 +109,14 @@ If [signing is enabled](https://goreleaser.com/customization/#Signing) in your G
args: release --rm-dist args: release --rm-dist
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
``` ```
Reference the fingerprint in your signing configuration using the `GPG_FINGERPRINT` envrionment variable: And reference the userID in your signing configuration:
```yaml ```yaml
signs: signs:
- artifacts: checksum - artifacts: checksum
args: ["--batch", "-u", "{{ .Env.GPG_FINGERPRINT }}", "--output", "${signature}", "--detach-sign", "${artifact}"] args: ["--batch", "-u", "<key id, fingerprint, email, ...>", "--output", "${signature}", "--detach-sign", "${artifact}"]
``` ```
## Customizing ## Customizing