actions/gpg
1
0
Fork 0
mirror of https://github.com/crazy-max/ghaction-import-gpg.git synced 2024-09-17 23:17:06 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update README

Browse source
This commit is contained in:
CrazyMax 2020-05-11 19:20:28 +02:00
parent 2624ea18fb
commit e50cb4f26a
No known key found for this signature in database
GPG key ID: 3248E46B6BB8C7F7
1 changed files with 45 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
README.md
View file

@ -13,6 +13,19 @@ If you are interested, [check out](https://git.io/Je09Y) my other :octocat: GitH
![Import GPG](.github/ghaction-import-gpg.png)
___
* [Features](#features)
* [Prerequisites](#prerequisites)
* [Usage](#usage)
* [Workflow](#workflow)
* [Sign commits](#sign-commits)
* [Customizing](#customizing)
* [inputs](#inputs)
* [environment variables](#environment-variables)
* [How can I help?](#how-can-i-help)
* [License](#license)
## Features
* Works on Linux, MacOS and Windows [virtual environments](https://help.github.com/en/articles/virtual-environments-for-github-actions#supported-virtual-environments-and-hardware-resources)
@ -21,7 +34,7 @@ If you are interested, [check out](https://git.io/Je09Y) my other :octocat: GitH
* (Git) Enable signing for Git commits, tags and pushes
* (Git) Configure and check committer info against GPG key
## Usage
## Prerequisites
First, export the GPG private key as an ASCII armored version:
@ -31,6 +44,10 @@ gpg --armor --export-secret-key --output key.pgp joe@foo.bar
Copy the content of `key.pgp` file as a [`secret`](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) named `GPG_PRIVATE_KEY` for example. Create another secret with the `PASSPHRASE` if applicable.
## Usage
### Workflow
```yaml
name: import-gpg
@ -49,10 +66,6 @@ jobs:
name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v1
with:
git_user_signingkey: true
git_commit_gpgsign: true
git_tag_gpgsign: true
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.PASSPHRASE }}
@ -62,6 +75,33 @@ jobs:
echo "fingerprint: ${{ steps.import_gpg.outputs.fingerprint }}"
echo "keyid: ${{ steps.import_gpg.outputs.keyid }}"
echo "email: ${{ steps.import_gpg.outputs.email }}"
```
### Sign commits
```yaml
name: import-gpg
on:
push:
branches: master
jobs:
sign-commit:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v1
with:
git_user_signingkey: true
git_commit_gpgsign: true
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.PASSPHRASE }}
-
name: Sign commit and push changes
run: |