ci: sign release commits with pgp key
Some checks failed
🚀 Lint & Test & Deploy / release (push) Failing after 2m10s

This commit is contained in:
release-bot
2026-02-10 15:47:42 +01:00
parent 22a11832b8
commit ee5ca81757
2 changed files with 13 additions and 3 deletions

View File

@@ -73,11 +73,19 @@ mv "$tmp_changelog" CHANGELOG.md
pnpm exec dprint fmt CHANGELOG.md
# -------------------------------------------------------------------
# 5. Create release commit
# 5. Setup GPG signing
# -------------------------------------------------------------------
git config user.name "release-bot"
git config user.email "release-bot@ci"
echo "$BOT_PGP_PRIVATE_KEY" | base64 -d | gpg --batch --import --
GPG_KEY_ID=$(gpg --list-secret-keys --keyid-format LONG nodarium-bot@max-richter.dev 2>/dev/null | grep sec | head -n1 | sed 's/.*\///' | tr -d ' ')
git config user.name "nodarium-bot"
git config user.email "nodarium-bot@max-richter.dev"
git config user.signingkey "$GPG_KEY_ID"
git config commit.gpgsign true
# -------------------------------------------------------------------
# 6. Create release commit
# -------------------------------------------------------------------
git add CHANGELOG.md $(find . -name package.json ! -path "*/node_modules/*")
if git diff --cached --quiet; then

View File

@@ -57,6 +57,8 @@ jobs:
- name: 🚀 Create Release Commit
if: gitea.ref_type == 'tag'
run: ./.gitea/scripts/create-release.sh
env:
BOT_PGP_PRIVATE_KEY : ${{ secrets.BOT_PGP_PRIVATE_KEY }}
- name: 🛠️ Build
run: ./.gitea/scripts/build.sh