Skip to content

Commit

Permalink
fix: 🐛 disable gpg with passphrase
Browse files Browse the repository at this point in the history
  • Loading branch information
AndreasAugustin committed Feb 22, 2024
1 parent 1dd7023 commit 6daf078
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 6 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -253,7 +253,6 @@ jobs:
| git_user_email | `[optional]` set the committer git user.email | `false` | `github-action@actions-template-sync.noreply.${SOURCE_REPO_HOSTNAME}` |
| git_remote_pull_params | `[optional]` set remote pull parameters | `false` | `--allow-unrelated-histories --squash --strategy=recursive -X theirs` |
| gpg_private_key | `[optional]` set if you want to sign commits | `false` | |
| gpg_passphrase | `[optional]` set if your optionial gpg private key has a passphrase | `false` | |

### Docker

Expand Down Expand Up @@ -316,7 +315,8 @@ gpg --armor --export-secret-key jon@doe.example | xclip
```

:warning: the gpg username and email must match the `git_user_name` and `git_user_email` parameters.
Paste your clipboard as a [secret][github-create-secret] named `GPG_PRIVATE_KEY` for example. If your key has a password, create another secret named `GPG_PASSPHRASE`.
Paste your clipboard as a [secret][github-create-secret] named `GPG_PRIVATE_KEY` for example.
:warning: currently a pgp key with passphrase is not supported (yet).

```yaml
# File: .github/workflows/template-sync.yml
Expand Down
3 changes: 0 additions & 3 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,8 +54,6 @@ inputs:
description: "[optional] set the pull parameters for the remote repository"
gpg_private_key:
description: "[optional] set the gpg private key if you want to sign your commits"
gpg_passphrase:
description: "[optional] set if your private gpg key has a password"
runs:
using: "docker"
image: "src/Dockerfile"
Expand All @@ -79,4 +77,3 @@ runs:
GIT_USER_EMAIL: ${{ inputs.git_user_email }}
GIT_REMOTE_PULL_PARAMS: ${{ inputs.git_remote_pull_params }}
GPG_PRIVATE_KEY: ${{ inputs.gpg_private_key }}
GPG_PASSPHRASE: ${{ inputs.gpg_passphrase }}
4 changes: 3 additions & 1 deletion src/gpg_no_tty.sh
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
#!/usr/bin/env bash

if [[ -n "${GPG_PASSPHRASE}" ]] &>/dev/null; then
echo -e "${GPG_PASSPHRASE}" | gpg --pinentry-mode loopback --batch --yes --passphrase-fd 0 "$@" <&0
# echo -e "${GPG_PASSPHRASE}" | gpg --pinentry-mode loopback --batch --yes --passphrase-fd 0 "$@" <&0
echo "::error::currently gpg with passphrase is not supported"
exit 1
else
gpg --pinentry-mode loopback --yes --batch "$@" <&0
fi
Expand Down

0 comments on commit 6daf078

Please sign in to comment.