Fix importing of base64 armored string (#18)

This commit is contained in:
Alejandro Hernández 2020-05-18 17:15:05 +02:00 committed by GitHub
parent 151c2def6c
commit fe2d0d79b1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 37 additions and 6 deletions

1
.github/test-key-base64.pgp vendored Normal file
View file

@ -0,0 +1 @@
LS0tLS1CRUdJTiBQR1AgUFJJVkFURSBLRVkgQkxPQ0stLS0tLQoKbFFQR0JGN0NmMU1CQ0FEYXdGRDVrK05kRm40YzNrMlNRQlV2UXA5R21kYmZjeFlwMjEvSEl1amtSVVhDVFB6YgoyaVdtclJmMUx1RFdnNlFmd0MzMFpHdWpQZmsxVWYrVlEvLzlXK1FFU0JMcHJnUm8vaXNvSUVBbEZYVFpyVGNvCkRocUxIaW04UkliVFVhNkJZNmJtdkRxeEpUN0RSR3Q0bExkdVZEK1UvaG5saXdVRTAxcW9TTHJYaUlLeTVJbjUKM29NRkMyWXNTSkN2cmVNT09oQzlYakRaQ1lrTFVaanZoY3JMQ0x4ZGJPUFZGSjgrZm9JK1hHK0IxeEREOVVMYQp5bGZTeHBJcEFRaTFEQ2R0Y3RLZnJsOGhUUDdieXp2NWM1ZUFoY1B0ek82VVBCdGgwNk5lUW5ORmZCeGVNZ1grCk9tRVNuUU5WRlkwdytmeEY0aGFDQ1pFTjZOTGV4NjZKWE9DaEFCRUJBQUgrQndNQ3k1NTZKUG1kZ2tydERxZnMKdzFIcXRaelBRVnYxT0oyL2VMbUYvYnlkblFJL3lsNEsrZUNvWXMvU0w1SVdpT0grcFFVcDQ3QWV5bkdtZjFxSgo2alVSZURsejlWa1d0VTNQNVhJc0NBVFQyYmdqbmJmOTZDdk05NUdBWDNqSlg5aC9laGVXTDRrY2Jzc2lWZnNkCjd2SUR5SGVvWXMrMG8wQXRqbmkrYmRZbnJjZ09tVVRuNSsxeUdTWXErK3Q4cXQ1QUR0elpoMitSN0JyTXN5TkUKdUJwd00yS25pbUo3YXh5ay9jNFpkMXJrSEREdkJZOGNEaXBNUXZwc1dYYmlBQTdZZ0tIVWlzR21zaGYzNkxIQgpEbmx1WWJDZWZJcWtqTEdDdjByVGErWGs2Y05vS0hsZ0g2N0kzNVE5NEE0Sm5kYUZ5blloN2xoZmNSQkhnR2NMCnVmV05NSWp0L25xaGJpUEFKZTBUNmNJN0o5eUlHdHRXVFVucVBkZXlFT05teGpMNWI0Y1IyTGRReWEyYld1OVIKQkIxdkIxaTdZNWJRSS9udzBkVmU4bTA5cGRaVkNsT3lJUlpOb1FHTFRjRktjTmllNTBocEpiTnRySzdjZkxVSwpwN1krYlU0TTJPenZCN1lKVjdVOHBwbzNJbTRicm4xWnNMSWhPVHorZEI4anV2WXA3QkY0aWdmTlFJam1xOVp5CjdqSVNHUFFhNU9sdDdGRllIamJHYk9wVXNMRjlVVlFmdkg0dTNnUmNFemhQOWw4WDRtQ29oU3ZjVWVtNzNkQnoKYWxLT2lFUTBlZEMxUUozUFNJaHlSTGpMakY0QldkcTJBdTlVWkNDWjZvRjZCVjhkSFBJYTZrUEVrUmY5ZE1GKwpPaElWdFpJVzRaSzVYdC9CZlBWUTlJYUp4WGpKbUV2NWRHOXZBSDRIZVU3L3pZZ2M0b0FzcHl5ZkZqTjcwd1RmCjU1aWNxbm15RzF5NlY1Q01GYzRpOXNxWkZ0ODd1cVRPZmxrZE9Ock9zaW5JVWpCZHRmWElRamk2eXR6OWxwSHAKSUpDR21CSGhYRkZrd29WN2pmKy9GMjM1ckpjK2JDV2ZqMEw2UDFranpxYW5YOUxFMUl2V1R2aWJscjlYb0VpTApHWVFsb3laYk9Ndlk0c2w4SXZDOXRXeUFSTXdnRjB1T1ExWnlpa1REcFhhZUordzhRSTZXdkthM2lrc3gwWXZRClhWMXB5WmJxZjZ4eXRCaEtiMlVnVkdWemRHVnlJRHhxYjJWQVptOXZMbUpoY2o2SkFWUUVFd0VJQUQ0V0lRUWEKY2RFL0NUaE9aMW1pL1hyUGx1M0E2MEcrT3dVQ1hzSi9Vd0liQXdVSkE4Sm5BQVVMQ1FnSEFnWVZDZ2tJQ3dJRQpGZ0lEQVFJZUFRSVhnQUFLQ1JEUGx1M0E2MEcrT3hFMkNBQ3p5aldPTG1ZcG1NOW1pUmxWcTVsVDdic3NZKy9JClVsczhadmd6TnJJbXg1TE1HSy9HMGFTVStLems2NGFlZlNubFY4OWM1Yy9IYUpYZlB0VWVJd3FYNG9iOWJ1WmcKWGxKTmVqcTd2V0JPSDJoZXBVUXFmYTFMYjJRZ01COE11REY2MUkwWE5MLzVqRHN0K3RlQW5uNFFId3VTQ3hTRQptdUx3VE9IMDhYeTdaWkFUMm9EZ1pFUnE2QVUyODRKejVkVmh4SnFIc0loSnNaRy9TK1pHTkFERndHRVY2S2ZvCmwrMk9aMkJnSHVmam9rR0FKMDB3VlU2dFdHVG52d3NENWwyMlMrRXRvRnZhM09XTDVuSFQ1d0hSeUZCRituSEkKc0NrRHRtRnk5OWJ3MGhaRldUaEhIR2dpSmRyTmxTVVZOVkY2U2tpbmptczI3SVlUWTBHL2FqZ1JuUVBHQkY3QwpmMU1CQ0FDWTYrM29QeHY4dXM4RlI1VDExcHFYZ2FOdUxCUWxKWFJTUi9mVTV1eFpkeFNVWitCa0VjWC95encvCnN3UHQwM01vU2lHT0htOWhtaEs2S3Rpc3hQZ0JadTQxanU4aFNEeWpzdXVHQzNERTdrbkJlR255ZWJNaWlWYTIKRGJrblVyd3paOU80QzJOc0xBQzl0MTAwU3JKbnlPYmpOM2owUDJMa1pQQmd1blluWmo2TVFGZnpYUW41RHNTcwpqZUVjd0d3MDU1K2ZUZ1J1SW5CS2RaM3JIS3lsMm96dmVmRjVxeUxJSFZ1RFUvMkJ3R0xkUFd0Q3N2bVdKcTQyCi8xc2ZoaHkwRjFHbnFDcDFWUmZwdE1GdmxoZDgyZUVuZTFYbTVBZXAyNnJFaGhkR0NqU2l4SGsyRE8yTnZKQWYKdGZKY0x2UG0vS05wR0M3Ky8rU3VXeUlQOFYxeEFCRUJBQUgrQndNQ0lxMEFCMGtVeHgzdCtoZTBvOHZtTlM4dwpBcXN2RzlyUFExM1lWQWJzcmI0ZFlTVFp5Z0wxTCthd0hmM0ZKaXRhMDY5UEJWamZEYmtFWmN4bnY1OUJWR0lmClg5ZXY1dXJORzdFRFFVeVl1MzR6bFdGN3dhS3pNT01DS0RhYjRjdXdOT1N6OTd4U3VCeWRyRnFUUThHdWZ4Yk4KZjFEQVBaczB3Mk5GY25ZeVhpaU5QYkpUNFlrNWJsYUhieGRQVXArOS9HZE1FbGpPZVdPRUJOeDZyQjVORW4zNgozczVLMTg5aEx0UDJGMnFDcmZ2OGJMRnl4QmJ6WEdSc3hiai9zRWZHNmRHem83alNxSUlZMTRmcFJTREhGWG4xCkZBNlVjRnZGR21qRXF1UGZQaWVkNTVwN2tuK2I0T1FjV2cwbC83WnJGclRkU3hDY3JHcHN3RHp6ajRXMW5FcHAKNk9oMzkxVnBEeThOOTdXYWwxTGgvNjJYaGV2aHJoSFZtNFVqUDhqblh5WHlqUUJSUE4vKzBRWlpGTnU3bzVCRApMQ0NBaXdIUitlQ2U1Ym5VQ216WmY5L2NzQVNXNUtNWHhvcVZIOWR1QzFOSW1vZEMyYnhlRC9hMnBoOEdFMVJNCkZFVG1aL2ZsUlNyMUtxbjJMbDE3VHZ6ZkJiVnFqeG1yZ3hSTTAxYjNJL2g2azlCQmpjK2V5ckdWcG1OeUFuWG8KTzZpOWE0K0J5VkpsanpGV1JxS3Z3RDVLYWg1dWhBSWU3dVQydGRZQ1dZY0owUnNlUlFhZHNYUDFwV1MrbFZ4YQp0bk1BWm5CRlg0c3NjcGx2QmJFL0FHQTlmSE9Bek9rNG0yZXRzMWhmRjFvNURKbG8vMXo2ZkdocVVNMTRhLzgrCjJQZDF1RWJXamE5UjJLWGlTbXNEQmo4dXM5NnZFU2xySHYxT3YwbUpEc2JhbjNMeXkwTEg2U3N3Z25PWkNIZmgKTnArNnhJZ2thRGJBUUo5bzc5eHhhTlNvdERRZjlsKzlPS2RldWhnaUJzbWZUM2tuNHpac09OdnZsQ01RL3pBWgowQVNxdE1LYndUQ2NYeGVhbWRhQUZ4MkdnTmJ6NWs4Q1BvNlRhQll3dXkyaXFsSUZ2S1MyUWkwM2pOK1BBV1J6CkhSeFBXYUwyMFJ0VG05WjlmaXg3R044ZGQ3VVlYUDY0Q3Jyd1BiL0VIOW1MaDVUSVJmd2N5aUtaaTBGWmRNVGUKMUFoaWlRRThCQmdCQ0FBbUZpRUVHbkhSUHdrNFRtZFpvdjE2ejVidHdPdEJ2anNGQWw3Q2YxTUNHd3dGQ1FQQwpad0FBQ2drUXo1YnR3T3RCdmp2WFZBZ0FxNE1iK2NjaGhaT1N2dHBuMVdVR2RIWEZ0TERmMXlWR2xCTUdQQ2UzCnM3TDk1LzVpVkdKUWdJVmdKRzZnNDQ3ZDFjSUNNWTlHLzRYa3VkaE1aWDVQZ2FMQ3dPWnhadTVVYkl2cFYxaW8KV1YxYzIyNXZuY3FYbVgxZ3NsT2RHTzdrbHRta0tOTmQzVDBzc0lndjZBY3p3ZWdUM2svYzRzdE1wcSs0d0VPZwp4QjBtTjUvZXNFSjVSWGtMWDUxVFUzdGovNVZXTFEwMUdPRUhDQVZhUFpLRGpiYU5yNGRPbHBDZE04TWsxQmJuCkVNUUtML3J5UmJZU0xYK0ViOHN5Rll4NUVkWkxqc215Q1o4em1QZG01NURsVnh1Tm5CMjRNb0tGSExhYXdLL2MKaTA3VkVOR3k0OWw3dG1lTmRhK1QyNG04bkNlTzkveitqS1MxdUxQbjRZdkp6QT09Cj1DQ3F0Ci0tLS0tRU5EIFBHUCBQUklWQVRFIEtFWSBCTE9DSy0tLS0tCg==

View file

@ -32,6 +32,7 @@ jobs:
script: | script: |
const fs = require('fs'); const fs = require('fs');
core.setOutput('pgp', fs.readFileSync('.github/test-key.pgp', {encoding: 'utf8'})); core.setOutput('pgp', fs.readFileSync('.github/test-key.pgp', {encoding: 'utf8'}));
core.setOutput('pgp-base64', fs.readFileSync('.github/test-key-base64.pgp', {encoding: 'utf8'}));
core.setOutput('passphrase', fs.readFileSync('.github/test-key.pass', {encoding: 'utf8'})); core.setOutput('passphrase', fs.readFileSync('.github/test-key.pass', {encoding: 'utf8'}));
- -
name: Import GPG private key name: Import GPG private key
@ -52,3 +53,22 @@ jobs:
echo "keyid: ${{ steps.import_gpg.outputs.keyid }}" echo "keyid: ${{ steps.import_gpg.outputs.keyid }}"
echo "name: ${{ steps.import_gpg.outputs.name }}" echo "name: ${{ steps.import_gpg.outputs.name }}"
echo "email: ${{ steps.import_gpg.outputs.email }}" echo "email: ${{ steps.import_gpg.outputs.email }}"
-
name: Import GPG private key in base64 format
id: import_gpg_base64
uses: ./
with:
git_user_signingkey: true
git_commit_gpgsign: true
git_tag_gpgsign: true
git_push_gpgsign: true
env:
GPG_PRIVATE_KEY: ${{ steps.test.outputs.pgp-base64 }}
PASSPHRASE: ${{ steps.test.outputs.passphrase }}
-
name: GPG user IDs
run: |
echo "fingerprint: ${{ steps.import_gpg_base64.outputs.fingerprint }}"
echo "keyid: ${{ steps.import_gpg_base64.outputs.keyid }}"
echo "name: ${{ steps.import_gpg_base64.outputs.name }}"
echo "email: ${{ steps.import_gpg_base64.outputs.email }}"

View file

@ -40,12 +40,18 @@ describe('gpg', () => {
}); });
describe('importKey', () => { describe('importKey', () => {
it('imports key to GnuPG', async () => { it('imports key (as armored string) to GnuPG', async () => {
await gpg.importKey(userInfo.pgp).then(output => { await gpg.importKey(userInfo.pgp).then(output => {
console.log(output); console.log(output);
expect(output).not.toEqual(''); expect(output).not.toEqual('');
}); });
}); });
it('imports key (as base64 string) to GnuPG', async () => {
await gpg.importKey(Buffer.from(userInfo.pgp).toString('base64')).then(output => {
console.log(output);
expect(output).not.toEqual('');
});
});
}); });
describe('getKeygrip', () => { describe('getKeygrip', () => {

5
dist/index.js generated vendored
View file

@ -1270,10 +1270,11 @@ exports.getDirs = () => __awaiter(void 0, void 0, void 0, function* () {
}; };
}); });
}); });
exports.importKey = (armoredText) => __awaiter(void 0, void 0, void 0, function* () { exports.importKey = (key) => __awaiter(void 0, void 0, void 0, function* () {
const keyFolder = fs.mkdtempSync(path.join(os.tmpdir(), 'ghaction-import-gpg-')); const keyFolder = fs.mkdtempSync(path.join(os.tmpdir(), 'ghaction-import-gpg-'));
const keyPath = `${keyFolder}/key.pgp`; const keyPath = `${keyFolder}/key.pgp`;
fs.writeFileSync(keyPath, armoredText, { mode: 0o600 }); const armored = key.trimLeft().startsWith('---') ? key : Buffer.from(key, 'base64').toString();
fs.writeFileSync(keyPath, armored, { mode: 0o600 });
return yield exec return yield exec
.exec('gpg', ['--import', '--batch', '--yes', keyPath], true) .exec('gpg', ['--import', '--batch', '--yes', keyPath], true)
.then(res => { .then(res => {

View file

@ -42,4 +42,4 @@
"typescript": "^3.9.2", "typescript": "^3.9.2",
"typescript-formatter": "^7.2.2" "typescript-formatter": "^7.2.2"
} }
} }

View file

@ -102,10 +102,13 @@ export const getDirs = async (): Promise<Dirs> => {
}); });
}; };
export const importKey = async (armoredText: string): Promise<string> => { export const importKey = async (key: string): Promise<string> => {
const keyFolder: string = fs.mkdtempSync(path.join(os.tmpdir(), 'ghaction-import-gpg-')); const keyFolder: string = fs.mkdtempSync(path.join(os.tmpdir(), 'ghaction-import-gpg-'));
const keyPath: string = `${keyFolder}/key.pgp`; const keyPath: string = `${keyFolder}/key.pgp`;
fs.writeFileSync(keyPath, armoredText, {mode: 0o600});
const armored: string = key.trimLeft().startsWith('---') ? key : Buffer.from(key, 'base64').toString();
fs.writeFileSync(keyPath, armored, {mode: 0o600});
return await exec return await exec
.exec('gpg', ['--import', '--batch', '--yes', keyPath], true) .exec('gpg', ['--import', '--batch', '--yes', keyPath], true)