forked from hashicorp/ghaction-import-gpg
-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yml
40 lines (38 loc) · 1.32 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# action.yml
name: "GPG key import"
description: "Import private GPG key"
runs:
using: "composite"
steps:
- id: set-default-cache-ttl
run: |
gpg-agent --daemon --default-cache-ttl 7200
shell: bash
name: set default cache ttl
- run: |
#
echo -e "${{ env.GPG_PRIVATE_KEY }}" | gpg --import --batch --no-tty
echo "hello world" > temp.txt
gpg --detach-sig --yes -v --output=/dev/null --pinentry-mode loopback --passphrase "${{ env.PASSPHRASE }}" temp.txt
rm temp.txt
shell: bash
name: import GPG key and prime passphrase
- id: gpg-fingerprint
run: |
fingerprint=$(gpg --with-colons --list-keys | awk -F: '/^pub/ { print $5 }')
echo "::set-output name=fingerprint::$fingerprint"
shell: bash
name: set gpg key fingerprint
- id: gpg-pubkey
run: |
pubkey=$(gpg --export --armor ${{ steps.gpg-fingerprint.outputs.fingerprint }} | sed 's/$/\\n/' | tr -d '\n')
echo "::set-output name=pubkey::$pubkey"
shell: bash
name: set gpg key pubkey
outputs:
fingerprint:
description: "Fingerprint of the GPG key"
value: ${{ steps.gpg-fingerprint.outputs.fingerprint }}
pubkey:
description: "Base64 encoded, armored pubkey of the GPG key"
value: ${{ steps.gpg-pubkey.outputs.pubkey }}