mirror of
https://github.com/crazy-max/ghaction-import-gpg.git
synced 2024-11-09 15:03:31 -05:00
191 lines
5.1 KiB
YAML
191 lines
5.1 KiB
YAML
name: ci
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 10 * * *'
|
|
push:
|
|
branches:
|
|
- 'master'
|
|
- 'releases/v*'
|
|
tags:
|
|
- 'v*'
|
|
pull_request:
|
|
branches:
|
|
- 'master'
|
|
- 'releases/v*'
|
|
|
|
jobs:
|
|
gpg:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
-
|
|
name: GPG conf
|
|
run: |
|
|
cat ~/.gnupg/gpg.conf || true
|
|
|
|
armored:
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
key:
|
|
- test-key
|
|
- test-subkey
|
|
global:
|
|
- false
|
|
- true
|
|
os:
|
|
- ubuntu-latest
|
|
- macOS-latest
|
|
- windows-latest
|
|
include:
|
|
- key: test-subkey
|
|
fingerprint: C17D11ADF199F12A30A0910F1F80449BE0B08CB8
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: GPG conf
|
|
uses: actions/github-script@v6
|
|
with:
|
|
script: |
|
|
const fs = require('fs');
|
|
const gnupgfolder = `${require('os').homedir()}/.gnupg`;
|
|
if (!fs.existsSync(gnupgfolder)){
|
|
fs.mkdirSync(gnupgfolder);
|
|
}
|
|
fs.chmodSync(gnupgfolder, '0700');
|
|
fs.copyFile('__tests__/fixtures/gpg.conf', `${gnupgfolder}/gpg.conf`, (err) => {
|
|
if (err) throw err;
|
|
});
|
|
-
|
|
name: Get test key and passphrase
|
|
uses: actions/github-script@v6
|
|
id: test
|
|
with:
|
|
script: |
|
|
const fs = require('fs');
|
|
core.setOutput('pgp', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pgp', {encoding: 'utf8'}));
|
|
core.setOutput('passphrase', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pass', {encoding: 'utf8'}));
|
|
-
|
|
name: Import GPG
|
|
uses: ./
|
|
with:
|
|
gpg_private_key: ${{ steps.test.outputs.pgp }}
|
|
passphrase: ${{ steps.test.outputs.passphrase }}
|
|
trust_level: 5
|
|
git_config_global: ${{ matrix.global }}
|
|
git_user_signingkey: true
|
|
git_commit_gpgsign: true
|
|
git_tag_gpgsign: true
|
|
git_push_gpgsign: if-asked
|
|
fingerprint: ${{ matrix.fingerprint }}
|
|
-
|
|
name: List keys
|
|
run: |
|
|
gpg -K
|
|
shell: bash
|
|
|
|
base64:
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
key:
|
|
- test-key
|
|
- test-subkey
|
|
os:
|
|
- ubuntu-latest
|
|
- macOS-latest
|
|
- windows-latest
|
|
include:
|
|
- key: test-subkey
|
|
fingerprint: C17D11ADF199F12A30A0910F1F80449BE0B08CB8
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Get test key and passphrase
|
|
uses: actions/github-script@v6
|
|
id: test
|
|
with:
|
|
script: |
|
|
const fs = require('fs');
|
|
core.setOutput('pgp-base64', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}-base64.pgp', {encoding: 'utf8'}));
|
|
core.setOutput('passphrase', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pass', {encoding: 'utf8'}));
|
|
-
|
|
name: Import GPG
|
|
uses: ./
|
|
with:
|
|
gpg_private_key: ${{ steps.test.outputs.pgp-base64 }}
|
|
passphrase: ${{ steps.test.outputs.passphrase }}
|
|
git_user_signingkey: true
|
|
git_commit_gpgsign: true
|
|
git_tag_gpgsign: true
|
|
git_push_gpgsign: if-asked
|
|
fingerprint: ${{ matrix.fingerprint }}
|
|
|
|
trust:
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
key:
|
|
- test-key
|
|
level:
|
|
- ''
|
|
- 5
|
|
- 4
|
|
- 3
|
|
- 2
|
|
- 1
|
|
os:
|
|
- ubuntu-latest
|
|
- macOS-latest
|
|
- windows-latest
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: GPG conf
|
|
uses: actions/github-script@v6
|
|
with:
|
|
script: |
|
|
const fs = require('fs');
|
|
const gnupgfolder = `${require('os').homedir()}/.gnupg`;
|
|
if (!fs.existsSync(gnupgfolder)){
|
|
fs.mkdirSync(gnupgfolder);
|
|
}
|
|
fs.chmodSync(gnupgfolder, '0700');
|
|
fs.copyFile('__tests__/fixtures/gpg.conf', `${gnupgfolder}/gpg.conf`, (err) => {
|
|
if (err) throw err;
|
|
});
|
|
-
|
|
name: Get test key and passphrase
|
|
uses: actions/github-script@v6
|
|
id: test
|
|
with:
|
|
script: |
|
|
const fs = require('fs');
|
|
core.setOutput('pgp', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pgp', {encoding: 'utf8'}));
|
|
core.setOutput('passphrase', fs.readFileSync('__tests__/fixtures/${{ matrix.key }}.pass', {encoding: 'utf8'}));
|
|
-
|
|
name: Import GPG
|
|
id: import_gpg
|
|
uses: ./
|
|
with:
|
|
gpg_private_key: ${{ steps.test.outputs.pgp }}
|
|
passphrase: ${{ steps.test.outputs.passphrase }}
|
|
trust_level: ${{ matrix.level }}
|
|
-
|
|
name: List trust values
|
|
run: |
|
|
gpg --export-ownertrust
|
|
shell: bash
|