From 22750fd5a4c9f514e5ae7bdaea24555e897a5d90 Mon Sep 17 00:00:00 2001 From: Dan Petersen Date: Wed, 10 Feb 2021 03:14:00 +0100 Subject: [PATCH] Attempt to fix GPG issues --- .github/workflows/release.yml | 46 ++++++++++++++++++++++++-------- .github/workflows/test.yml | 46 ++++++++++++++++++++++++-------- .goreleaser.test.yml | 37 ++++++++++++++++++++++++++ .goreleaser.yml | 49 +++++++++++++++++++---------------- 4 files changed, 133 insertions(+), 45 deletions(-) create mode 100644 .goreleaser.test.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 92053226..c5fd86aa 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,19 +18,43 @@ jobs: uses: actions/setup-go@v2 with: go-version: 1.15 + - + name: Install the required version of GoReleaser + env: + GORELEASER_VERSION: '0.155.1' + run: | + curl -sL -o goreleaser_amd64.deb "https://github.com/goreleaser/goreleaser/releases/download/v${GORELEASER_VERSION}/goreleaser_amd64.deb" + sudo dpkg -i goreleaser_amd64.deb + rm -f goreleaser_amd64.deb - name: Import the GPG signing key - id: import_gpg - uses: danitso/ghaction-import-gpg@master - with: - gpg-private-key: ${{ secrets.GPG_KEY }} - passphrase: ${{ secrets.GPG_PASSPHRASE }} + env: + GPG_KEY: ${{ secrets.GPG_KEY }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + run: | + mkdir -p ~/.gnupg + + cat << EOF > ~/.gnupg/gpg.conf + use-agent + pinentry-mode loopback + EOF + + echo "$GPG_KEY" | base64 -d | gpg --batch --allow-secret-key-import --import + gpg --keyid-format LONG --list-secret-keys + + cat << EOF > ~/.gnupg/gpg-agent.conf + default-cache-ttl 7200 + max-cache-ttl 31536000 + allow-loopback-pinentry + allow-preset-passphrase + EOF + + echo RELOADAGENT | gpg-connect-agent + + printf '%s' "$GPG_PASSPHRASE" > ./.gpg_passphrase - name: Create release - uses: danitso/goreleaser-action@v2 - with: - version: latest - args: release --rm-dist env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + run: | + goreleaser build --parallelism 2 --rm-dist --timeout 1h diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eac20654..e8be4a0a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -20,19 +20,43 @@ jobs: uses: actions/setup-go@v2 with: go-version: 1.15 + - + name: Install the required version of GoReleaser + env: + GORELEASER_VERSION: '0.155.1' + run: | + curl -sL -o goreleaser_amd64.deb "https://github.com/goreleaser/goreleaser/releases/download/v${GORELEASER_VERSION}/goreleaser_amd64.deb" + sudo dpkg -i goreleaser_amd64.deb + rm -f goreleaser_amd64.deb - name: Import the GPG signing key - id: import_gpg - uses: danitso/ghaction-import-gpg@master - with: - gpg-private-key: ${{ secrets.GPG_KEY }} - passphrase: ${{ secrets.GPG_PASSPHRASE }} + env: + GPG_KEY: ${{ secrets.GPG_KEY }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + run: | + mkdir -p ~/.gnupg + + cat << EOF > ~/.gnupg/gpg.conf + use-agent + pinentry-mode loopback + EOF + + echo "$GPG_KEY" | base64 -d -i | gpg --batch --allow-secret-key-import --import + gpg --keyid-format LONG --list-secret-keys + + cat << EOF > ~/.gnupg/gpg-agent.conf + default-cache-ttl 7200 + max-cache-ttl 31536000 + allow-loopback-pinentry + allow-preset-passphrase + EOF + + echo RELOADAGENT | gpg-connect-agent + + printf '%s' "$GPG_PASSPHRASE" > ./.gpg_passphrase - name: Create release - uses: danitso/goreleaser-action@v2 - with: - version: latest - args: release --rm-dist --snapshot env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + run: | + goreleaser build --parallelism 2 --rm-dist --snapshot --timeout 1h diff --git a/.goreleaser.test.yml b/.goreleaser.test.yml new file mode 100644 index 00000000..467767b7 --- /dev/null +++ b/.goreleaser.test.yml @@ -0,0 +1,37 @@ +before: + hooks: + - go mod tidy +builds: +- env: + - CGO_ENABLED=0 + mod_timestamp: '{{ .CommitTimestamp }}' + flags: + - -trimpath + ldflags: + - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}' + goos: + - freebsd + - windows + - linux + - darwin + goarch: + - amd64 + - '386' + - arm + - arm64 + ignore: + - goos: darwin + goarch: '386' + binary: '{{ .ProjectName }}_v{{ .Version }}' +archives: +- format: zip + name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' +checksum: + name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' + algorithm: sha256 +signs: + - artifacts: none +release: + draft: false +changelog: + skip: true diff --git a/.goreleaser.yml b/.goreleaser.yml index e3448085..dca0b00b 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -2,30 +2,30 @@ before: hooks: - go mod tidy builds: -- env: - - CGO_ENABLED=0 - mod_timestamp: '{{ .CommitTimestamp }}' - flags: - - -trimpath - ldflags: - - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}' - goos: - - freebsd - - windows - - linux - - darwin - goarch: - - amd64 - - '386' - - arm - - arm64 - ignore: - - goos: darwin - goarch: '386' - binary: '{{ .ProjectName }}_v{{ .Version }}' + - env: + - CGO_ENABLED=0 + mod_timestamp: '{{ .CommitTimestamp }}' + flags: + - -trimpath + ldflags: + - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}' + goos: + - freebsd + - windows + - linux + - darwin + goarch: + - amd64 + - '386' + - arm + - arm64 + ignore: + - goos: darwin + goarch: '386' + binary: '{{ .ProjectName }}_v{{ .Version }}' archives: -- format: zip - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' + - format: zip + name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' checksum: name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' algorithm: sha256 @@ -37,8 +37,11 @@ signs: - "{{ .Env.GPG_FINGERPRINT }}" - "--output" - "${signature}" + - "--passphrase-fd" + - "0" - "--detach-sign" - "${artifact}" + stdin_file: ./.gpg_passphrase release: draft: false changelog: