gpg/.github/workflows/ci.yml

192 lines
5.1 KiB
YAML
Raw Normal View History

2020-05-03 15:09:41 -04:00
name: ci
2023-05-06 17:46:50 -04:00
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
2020-05-03 15:09:41 -04:00
on:
2020-05-23 19:14:15 -04:00
schedule:
- cron: '0 10 * * *'
2020-05-03 15:09:41 -04:00
push:
branches:
- 'master'
- 'releases/v*'
tags:
- 'v*'
pull_request:
branches:
- 'master'
- 'releases/v*'
2020-05-03 15:09:41 -04:00
jobs:
gpg:
runs-on: ubuntu-latest
steps:
-
name: GPG conf
run: |
cat ~/.gnupg/gpg.conf || true
2020-05-18 11:18:07 -04:00
armored:
2020-05-03 15:35:54 -04:00
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
key:
- test-key
- test-subkey
global:
- false
- true
2020-05-03 15:35:54 -04:00
os:
- ubuntu-latest
- macOS-latest
2020-05-05 18:31:46 -04:00
- windows-latest
include:
- key: test-subkey
fingerprint: C17D11ADF199F12A30A0910F1F80449BE0B08CB8
2020-05-03 15:09:41 -04:00
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: GPG conf
uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
const gnupgfolder = `${require('os').homedir()}/.gnupg`;
if (!fs.existsSync(gnupgfolder)){
fs.mkdirSync(gnupgfolder);
}
2023-05-06 12:20:11 -04:00
fs.chmodSync(gnupgfolder, '0700');
fs.copyFile('__tests__/fixtures/gpg.conf', `${gnupgfolder}/gpg.conf`, (err) => {
if (err) throw err;
});
-
2020-05-12 14:48:02 -04:00
name: Get test key and passphrase
uses: actions/github-script@v7
2020-05-12 14:30:44 -04:00
id: test
2020-05-12 14:36:05 -04:00
with:
script: |
2020-05-12 14:37:28 -04:00
const fs = require('fs');
core.setOutput('pgp', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pgp', {encoding: 'utf8'}));
core.setOutput('passphrase', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pass', {encoding: 'utf8'}));
2020-05-03 15:09:41 -04:00
-
2020-05-18 11:18:07 -04:00
name: Import GPG
2020-05-03 15:09:41 -04:00
uses: ./
with:
gpg_private_key: ${{ steps.test.outputs.pgp }}
passphrase: ${{ steps.test.outputs.passphrase }}
2023-05-06 12:20:11 -04:00
trust_level: 5
git_config_global: ${{ matrix.global }}
git_user_signingkey: true
git_commit_gpgsign: true
git_tag_gpgsign: true
git_push_gpgsign: if-asked
fingerprint: ${{ matrix.fingerprint }}
2020-05-07 14:46:52 -04:00
-
name: List keys
2020-05-07 14:46:52 -04:00
run: |
gpg -K
shell: bash
2020-05-18 11:18:07 -04:00
base64:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
key:
- test-key
- test-subkey
2020-05-18 11:18:07 -04:00
os:
- ubuntu-latest
- macOS-latest
- windows-latest
include:
- key: test-subkey
fingerprint: C17D11ADF199F12A30A0910F1F80449BE0B08CB8
2020-05-18 11:18:07 -04:00
steps:
-
name: Checkout
uses: actions/checkout@v4
-
2020-05-18 11:18:07 -04:00
name: Get test key and passphrase
uses: actions/github-script@v7
2020-05-18 11:18:07 -04:00
id: test
with:
script: |
const fs = require('fs');
core.setOutput('pgp-base64', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}-base64.pgp', {encoding: 'utf8'}));
core.setOutput('passphrase', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pass', {encoding: 'utf8'}));
2020-05-18 11:18:07 -04:00
-
name: Import GPG
uses: ./
with:
gpg_private_key: ${{ steps.test.outputs.pgp-base64 }}
passphrase: ${{ steps.test.outputs.passphrase }}
git_user_signingkey: true
git_commit_gpgsign: true
git_tag_gpgsign: true
git_push_gpgsign: if-asked
fingerprint: ${{ matrix.fingerprint }}
2023-05-06 12:20:11 -04:00
trust:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
key:
- test-key
level:
- ''
- 5
- 4
- 3
- 2
- 1
os:
- ubuntu-latest
- macOS-latest
- windows-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
2023-05-06 12:20:11 -04:00
-
name: GPG conf
uses: actions/github-script@v7
2023-05-06 12:20:11 -04:00
with:
script: |
const fs = require('fs');
const gnupgfolder = `${require('os').homedir()}/.gnupg`;
if (!fs.existsSync(gnupgfolder)){
fs.mkdirSync(gnupgfolder);
}
fs.chmodSync(gnupgfolder, '0700');
fs.copyFile('__tests__/fixtures/gpg.conf', `${gnupgfolder}/gpg.conf`, (err) => {
if (err) throw err;
});
-
name: Get test key and passphrase
uses: actions/github-script@v7
2023-05-06 12:20:11 -04:00
id: test
with:
script: |
const fs = require('fs');
core.setOutput('pgp', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pgp', {encoding: 'utf8'}));
core.setOutput('passphrase', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pass', {encoding: 'utf8'}));
-
name: Import GPG
id: import_gpg
uses: ./
with:
gpg_private_key: ${{ steps.test.outputs.pgp }}
passphrase: ${{ steps.test.outputs.passphrase }}
trust_level: ${{ matrix.level }}
-
name: List trust values
run: |
gpg --export-ownertrust
shell: bash