mirror of
https://github.com/crazy-max/ghaction-import-gpg.git
synced 2024-12-26 04:52:08 -05:00
Action to import a GPG key with environment secrets
.github | ||
.res | ||
__tests__ | ||
dist | ||
src | ||
.editorconfig | ||
.gitattributes | ||
.gitignore | ||
.prettierrc.json | ||
action.yml | ||
CHANGELOG.md | ||
jest.config.js | ||
LICENSE | ||
package-lock.json | ||
package.json | ||
README.md | ||
tsconfig.json |
About
GitHub Action to easily import your GPG key to sign commits and tags.
If you are interested, check out my other :octocat: GitHub Actions!
Features
- Works on Linux and MacOS virtual environments
- Allow to seed the internal cache of
gpg-agent
with provided passphrase - Purge imported GPG key and cache information from runner (security)
- Enable signing for Git commits and tags
Usage
name: import-gpg
on:
push:
branches: master
jobs:
import-gpg:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v1
with:
git_gpgsign: true
env:
SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
PASSPHRASE: ${{ secrets.PASSPHRASE }}
Customizing
inputs
Following inputs can be used as step.with
keys
Name | Type | Description |
---|---|---|
git_gpgsign |
Bool | Enable signing for this Git repository (default false ) |
environment variables
Following environment variables can be used as step.env
keys
Name | Description |
---|---|
SIGNING_KEY |
GPG private key exported as an ASCII armored version |
PASSPHRASE |
Passphrase of your GPG key if setted for your SIGNING_KEY |
How can I help?
All kinds of contributions are welcome 🙌! The most basic way to show your support is to star 🌟 the project, or to raise issues 💬 You can also support this project by becoming a sponsor on GitHub 👏 or by making a Paypal donation to ensure this journey continues indefinitely! 🚀
Thanks again for your support, it is much appreciated! 🙏
License
MIT. See LICENSE
for more details.