You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello! I am looking for a way to sign the commits for my GitHub Actions which suppose to commit files the files created in the branch where I'm running my pipeline. On my Repo is a rule created which only allows verified commits.
Maybe I have imported the key pair at the wrong place. I dont know. Please help!! 😅
This is what my relevant steps of my pipeline look like: (Do not be suprised about some things there, beceause I was troubleshooting quite a while without a result :( )
- name: 1 file generator | Prepare GitHub Actions Signed Commit with GPG Key
id: import-gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.BOT_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.BOT_GPG_PASSPHRASE }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: 1 file generator | Terraform format and copy created files into branch
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gpg -K
terraform -chdir=./.created_files/ fmt
git config --global user.email "${{ steps.import-gpg.outputs.email }}"
git config --global user.name "${{ steps.import-gpg.outputs.name }}"
git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}
git add .
git commit -S -m "Check-In created Terraform Files"
git push
# echo "The monitoring-baseline.tf has changed since the last run and will now be overwritten in the ./.created_files folder"
This is my error:
/home/runner/.gnupg/pubring.kbx
-------------------------------
sec rsa4096 2024-01-[15](https://github.com/xdev/monitoring-tf/actions/runs/7529946793/job/20495285351#step:8:16) [SCA] [expires: 2027-01-15]
5BCEF9D73C7AA0F6[18](https://github.com/xdev/monitoring-tf/actions/runs/7529946793/job/20495285351#step:8:19)8F771F02AD5E0E7B2F2E44
uid [ unknown] github-actions <github-actions@github.com>
ssb rsa4096 [20](https://github.com/xdev/monitoring-tf/actions/runs/7529946793/job/20495285351#step:8:21)[24](https://github.com/xdev/monitoring-tf/actions/runs/7529946793/job/20495285351#step:8:25)-01-15 [E] [expires: 20[27](https://github.com/xdev/monitoring-tf/actions/runs/7529946793/job/20495285351#step:8:28)-01-15]
monitoring-baseline.tf
providers.tf
[dashboards cf1d0b2] Check-In created Terraform Files
3 files changed, 90 insertions(+), 1 deletion(-)
create mode 100755 .created_files/providers.tf
warning: not sending a push certificate since the receiving end does not support --signed push
remote: error: GH013: Repository rule violations found for refs/heads/dashboards.
remote: Review all repository rules at http://github.com/xdev/monitoring-tf/rules?ref=refs%2Fheads%2Fdashboards
remote:
remote: - Commits must have valid signatures.
remote:
To https://github.com/xdev/monitoring-tf
! [remote rejected] dashboards -> dashboards (push declined due to repository rule violations)
error: failed to push some refs to 'https://github.com/xdev/monitoring-tf'
Error: Process completed with exit code 1.
Does anyone have an Idea why my Pipeline keeps failing?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello! I am looking for a way to sign the commits for my GitHub Actions which suppose to commit files the files created in the branch where I'm running my pipeline. On my Repo is a rule created which only allows verified commits.
Maybe I have imported the key pair at the wrong place. I dont know. Please help!! 😅
This is what my relevant steps of my pipeline look like: (Do not be suprised about some things there, beceause I was troubleshooting quite a while without a result :( )
This is my error:
Does anyone have an Idea why my Pipeline keeps failing?
Beta Was this translation helpful? Give feedback.
All reactions