adding support for gpg commit signing
This commit is contained in:
parent
2026a4bf1a
commit
1c5f270731
1 changed files with 36 additions and 1 deletions
37
action.yml
37
action.yml
|
@ -25,6 +25,18 @@ inputs:
|
|||
description: 'A comma or newline separated list of labels to set on the Pull Request to be created'
|
||||
required: false
|
||||
default: ''
|
||||
sign-commits:
|
||||
description: 'Set to true if the action should sign the commit with GPG'
|
||||
required: false
|
||||
default: ''
|
||||
gpg-private-key:
|
||||
description: 'GPG Private Key with which to sign the commits in the PR to be created'
|
||||
required: false
|
||||
default: ''
|
||||
gpg-passphrase:
|
||||
description: 'GPG Private Key Passphrase for the GPG Private Key with which to sign the commits in the PR to be created'
|
||||
required: false
|
||||
default: ''
|
||||
outputs:
|
||||
pull-request-number:
|
||||
description: 'The number of the opened pull request'
|
||||
|
@ -32,7 +44,30 @@ outputs:
|
|||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
||||
- name: Import bot's GPG key for signing commits
|
||||
if: ${{ inputs.sign-commits }}
|
||||
id: import-gpg
|
||||
uses: crazy-max/ghaction-import-gpg@v4
|
||||
with:
|
||||
gpg_private_key: ${{ inputs.gpg-private-key }}
|
||||
passphrase: ${{ inputs.gpg-passphrase }}
|
||||
git_config_global: true
|
||||
git_user_signingkey: true
|
||||
git_commit_gpgsign: true
|
||||
- name: Run update-flake-lock.sh (signed commit)
|
||||
run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
||||
if: ${{ inputs.sign-commits }}
|
||||
shell: bash
|
||||
env:
|
||||
GIT_AUTHOR_NAME: ${{ steps.import-gpg.outputs.name }}
|
||||
GIT_AUTHOR_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
||||
GIT_COMMITTER_NAME: ${{ steps.import-gpg.outputs.name }}
|
||||
GIT_COMMITTER_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
||||
TARGETS: ${{ inputs.inputs }}
|
||||
COMMIT_MSG: ${{ inputs.commit-msg }}
|
||||
- name: Run update-flake-lock.sh (no commit signing)
|
||||
run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
||||
if: ${{ !inputs.sign-commits }}
|
||||
shell: bash
|
||||
env:
|
||||
GIT_AUTHOR_NAME: github-actions[bot]
|
||||
|
|
Loading…
Reference in a new issue