the-nexim/actions
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: add GPG private key to release workflow for enhanced security

Browse Source
This commit is contained in:
arashagp
2025-01-02 11:18:57 +03:30
parent e05c377c55
commit 1f8ffd2f69
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/release.yaml vendored
View File

@@ -17,10 +17,16 @@ on:
BOT_TOKEN: BOT_TOKEN:
required: true required: true
description: "Nexim Bot token" description: "Nexim Bot token"
GPG_PRIVATE_KEY:
required: true
description: "GPG private key"
permissions: permissions:
contents: write contents: write
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
jobs: jobs:
main: main:
name: Build & Lint & Test & Release name: Build & Lint & Test & Release
@@ -35,7 +41,7 @@ jobs:
- name: 🙂‍↔️ Import GPG key - name: 🙂‍↔️ Import GPG key
run: | run: |
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import echo "${{ env.GPG_PRIVATE_KEY }}" | gpg --batch --import
echo -e "5\ny\n" | gpg --batch --yes --command-fd 0 --edit-key ${{ secrets.GPG_KEY_ID }} trust quit echo -e "5\ny\n" | gpg --batch --yes --command-fd 0 --edit-key ${{ secrets.GPG_KEY_ID }} trust quit
env: env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY}} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY}}