actions/gpg
1
0
Fork 0
mirror of https://github.com/crazy-max/ghaction-import-gpg.git synced 2024-11-05 21:25:50 -05:00
Code Issues Projects Releases Packages Wiki Activity
gpg/README.md
CrazyMax 16c87f2e17
Bring back support for Windows
2020-05-06 00:31:46 +02:00

3.8 KiB
Raw Blame History

GitHub release GitHub marketplace Test workflow Become a sponsor Paypal Donate

About

GitHub Action to easily import your GPG key to sign commits and tags.

If you are interested, check out my other :octocat: GitHub Actions!

Import GPG key

Features

  • Works on Linux, MacOS and Windows virtual environments
  • Allow to seed the internal cache of gpg-agent with provided passphrase
  • Enable signing for Git commits and tags
  • Configure and check committer info against GPG key
  • Purge imported GPG key, cache information and kill agent from runner

Usage

On your local machine, export the GPG private key as an ASCII armored version:

gpg --armor --export-secret-key --output key.pgp joe@foo.bar

Copy the content of key.pgp file as a secret named SIGNING_KEY for example. Create another secret with your PASSPHRASE if applicable.

name: import-gpg

on:
  push:
    branches: master

jobs:
  import-gpg:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@v1
        with:
          git_gpgsign: true
        env:
          SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
          PASSPHRASE: ${{ secrets.PASSPHRASE }}

Customizing

inputs

Following inputs can be used as step.with keys

Name Type Description
git_gpgsign Bool Enable signing for this Git repository (default false)
git_committer_name String Commit author's name (default GITHUB_ACTOR or github-actions)
git_committer_email String Commit author's email (default <committer_name>@users.noreply.github.com)

environment variables

Following environment variables can be used as step.env keys

Name Description
SIGNING_KEY GPG private key exported as an ASCII armored version
PASSPHRASE Passphrase of your GPG key if setted for your SIGNING_KEY

How can I help?

All kinds of contributions are welcome 🙌! The most basic way to show your support is to star 🌟 the project, or to raise issues 💬 You can also support this project by becoming a sponsor on GitHub 👏 or by making a Paypal donation to ensure this journey continues indefinitely! 🚀

Thanks again for your support, it is much appreciated! 🙏

License

MIT. See LICENSE for more details.