About

GitHub Action to easily import your GPG key to sign commits and tags.

If you are interested, check out my other :octocat: GitHub Actions!

Features

• Works on Linux and MacOS virtual environments
• Allow to seed the internal cache of gpg-agent with provided passphrase
• Enable signing for Git commits and tags
• Configure and check committer info against GPG key
• Purge imported GPG key and cache information from runner

Usage

name: import-gpg

on:
  push:
    branches: master

jobs:
  import-gpg:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@v1
        with:
          git_gpgsign: true
        env:
          SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
          PASSPHRASE: ${{ secrets.PASSPHRASE }}

Customizing

inputs

Following inputs can be used as step.with keys

Name	Type	Description
git_gpgsign	Bool	Enable signing for this Git repository (default false)
git_committer_name	String	Commit author's name (default GITHUB_ACTOR or github-actions)
git_committer_email	String	Commit author's email (default <committer_name>@users.noreply.github.com)

environment variables

Following environment variables can be used as step.env keys

Name	Description
SIGNING_KEY	GPG private key exported as an ASCII armored version
PASSPHRASE	Passphrase of your GPG key if setted for your SIGNING_KEY

How can I help?

All kinds of contributions are welcome 🙌! The most basic way to show your support is to star 🌟 the project, or to raise issues 💬 You can also support this project by becoming a sponsor on GitHub 👏 or by making a Paypal donation to ensure this journey continues indefinitely! 🚀

Thanks again for your support, it is much appreciated! 🙏

License

MIT. See LICENSE for more details.