From 42dbe10fb3f68496b16e3051d911e7e62df02468 Mon Sep 17 00:00:00 2001 From: Nicola Squartini Date: Wed, 17 Aug 2022 11:41:30 +0900 Subject: [PATCH] docs: explain the `gpg-fingerprint` input parameter --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 7ae4486..ffc5543 100644 --- a/README.md +++ b/README.md @@ -176,6 +176,8 @@ For the bot to produce signed commits, you will have to provide the GPG private When using commit signing, the commit author name and email for the commits produced by this bot would correspond to the ones associated to the GPG Public Key. +If you want to sign using a subkey, you must specify the subkey fingerprint using the `gpg-fingerprint` input parameter. + You can find an example of how to using this action with commit signing below: ```yaml @@ -198,6 +200,7 @@ jobs: with: sign-commits: true gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} + gpg-fingerprint: ${{ secrets.GPG_FINGERPRINT }} # specify subkey fingerprint (optional) gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} ```