adding support for gpg commit signing
This commit is contained in:
parent
2026a4bf1a
commit
1c5f270731
1 changed files with 36 additions and 1 deletions
37
action.yml
37
action.yml
|
@ -25,6 +25,18 @@ inputs:
|
||||||
description: 'A comma or newline separated list of labels to set on the Pull Request to be created'
|
description: 'A comma or newline separated list of labels to set on the Pull Request to be created'
|
||||||
required: false
|
required: false
|
||||||
default: ''
|
default: ''
|
||||||
|
sign-commits:
|
||||||
|
description: 'Set to true if the action should sign the commit with GPG'
|
||||||
|
required: false
|
||||||
|
default: ''
|
||||||
|
gpg-private-key:
|
||||||
|
description: 'GPG Private Key with which to sign the commits in the PR to be created'
|
||||||
|
required: false
|
||||||
|
default: ''
|
||||||
|
gpg-passphrase:
|
||||||
|
description: 'GPG Private Key Passphrase for the GPG Private Key with which to sign the commits in the PR to be created'
|
||||||
|
required: false
|
||||||
|
default: ''
|
||||||
outputs:
|
outputs:
|
||||||
pull-request-number:
|
pull-request-number:
|
||||||
description: 'The number of the opened pull request'
|
description: 'The number of the opened pull request'
|
||||||
|
@ -32,7 +44,30 @@ outputs:
|
||||||
runs:
|
runs:
|
||||||
using: "composite"
|
using: "composite"
|
||||||
steps:
|
steps:
|
||||||
- run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
- name: Import bot's GPG key for signing commits
|
||||||
|
if: ${{ inputs.sign-commits }}
|
||||||
|
id: import-gpg
|
||||||
|
uses: crazy-max/ghaction-import-gpg@v4
|
||||||
|
with:
|
||||||
|
gpg_private_key: ${{ inputs.gpg-private-key }}
|
||||||
|
passphrase: ${{ inputs.gpg-passphrase }}
|
||||||
|
git_config_global: true
|
||||||
|
git_user_signingkey: true
|
||||||
|
git_commit_gpgsign: true
|
||||||
|
- name: Run update-flake-lock.sh (signed commit)
|
||||||
|
run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
||||||
|
if: ${{ inputs.sign-commits }}
|
||||||
|
shell: bash
|
||||||
|
env:
|
||||||
|
GIT_AUTHOR_NAME: ${{ steps.import-gpg.outputs.name }}
|
||||||
|
GIT_AUTHOR_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
||||||
|
GIT_COMMITTER_NAME: ${{ steps.import-gpg.outputs.name }}
|
||||||
|
GIT_COMMITTER_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
||||||
|
TARGETS: ${{ inputs.inputs }}
|
||||||
|
COMMIT_MSG: ${{ inputs.commit-msg }}
|
||||||
|
- name: Run update-flake-lock.sh (no commit signing)
|
||||||
|
run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
||||||
|
if: ${{ !inputs.sign-commits }}
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
GIT_AUTHOR_NAME: github-actions[bot]
|
GIT_AUTHOR_NAME: github-actions[bot]
|
||||||
|
|
Loading…
Reference in a new issue