From ac07b74cceb49bba1e429d78a459d581edea2efc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alejandro=20Hern=C3=A1ndez?= Date: Wed, 13 May 2020 14:10:12 +0200 Subject: [PATCH] Allow importing GPG key as a base64 string (#14) --- README.md | 20 +++++++++++++++----- __tests__/openpgp.test.ts | 10 +++++++++- src/openpgp.ts | 5 ++++- 3 files changed, 28 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 7ee7a3e..ad903ab 100644 --- a/README.md +++ b/README.md @@ -36,13 +36,23 @@ ___ ## Prerequisites -First, export the GPG private key as an ASCII armored version: +First, export the GPG private key as an ASCII armored version to your clipboard: ```shell -gpg --armor --export-secret-key --output key.pgp joe@foo.bar +# macOS +gpg --armor --export-secret-key joe@foo.bar | pbcopy + +# Ubuntu (assuming GNU base64) +gpg --armor --export-secret-key joe@foo.bar -w0 | xclip + +# Arch +gpg --armor --export-secret-key joe@foo.bar | sed -z 's;\n;;g' | xclip -selection clipboard -i + +# FreeBSD (assuming BSD base64) +gpg --armor --export-secret-key joe@foo.bar | xclip ``` -Copy the content of `key.pgp` file as a [`secret`](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) named `GPG_PRIVATE_KEY` for example. Create another secret with the `PASSPHRASE` if applicable. +Paste your clipboard as a [`secret`](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) named `GPG_PRIVATE_KEY` for example. Create another secret with the `PASSPHRASE` if applicable. ## Usage @@ -141,11 +151,11 @@ Following outputs are available ### environment variables -Following environment variables can be used as `step.env` keys +Following environment variables must be used as `step.env` keys | Name | Description | |--------------------|---------------------------------------| -| `GPG_PRIVATE_KEY` | GPG private key exported as an ASCII armored version (**required**) | +| `GPG_PRIVATE_KEY` | GPG private key exported as an ASCII armored version or its base64 encoding (**required**) | | `PASSPHRASE` | Passphrase of the `GPG_PRIVATE_KEY` key if setted | ## How can I help? diff --git a/__tests__/openpgp.test.ts b/__tests__/openpgp.test.ts index 6a7114e..9e13902 100644 --- a/__tests__/openpgp.test.ts +++ b/__tests__/openpgp.test.ts @@ -19,7 +19,7 @@ const userInfo = { describe('openpgp', () => { describe('readPrivateKey', () => { - it('returns a PGP private key', async () => { + it('returns a PGP private key from an armored string', async () => { await openpgp.readPrivateKey(userInfo.pgp).then(privateKey => { expect(privateKey.keyID).toEqual(userInfo.keyID); expect(privateKey.name).toEqual(userInfo.name); @@ -27,6 +27,14 @@ describe('openpgp', () => { expect(privateKey.fingerprint).toEqual(userInfo.fingerprint); }); }); + it('returns a PGP private key from a base64 armored string', async () => { + await openpgp.readPrivateKey(Buffer.from(userInfo.pgp).toString('base64')).then(privateKey => { + expect(privateKey.keyID).toEqual(userInfo.keyID); + expect(privateKey.name).toEqual(userInfo.name); + expect(privateKey.email).toEqual(userInfo.email); + expect(privateKey.fingerprint).toEqual(userInfo.fingerprint); + }); + }); }); describe('generateKeyPair', () => { diff --git a/src/openpgp.ts b/src/openpgp.ts index bb6aa45..85b9ea9 100644 --- a/src/openpgp.ts +++ b/src/openpgp.ts @@ -18,7 +18,8 @@ export const readPrivateKey = async (armoredText: string): Promise = const { keys: [privateKey], err: err - } = await openpgp.key.readArmored(armoredText); + } = await openpgp.key.readArmored(isArmored(armoredText) ? armoredText : Buffer.from(armoredText, 'base64').toString()); + if (err?.length) { throw err[0]; } @@ -51,3 +52,5 @@ export const generateKeyPair = async (name: string, email: string, passphrase: s privateKey: keyPair.privateKeyArmored.replace(/\r\n/g, '\n').trim() }; }; + +const isArmored = (text: string) => text.trimLeft().startsWith('---');