diff --git a/.github/workflows/autobump.yml b/.github/workflows/autobump.yml index e889576c5ff76..71326bb23c19d 100644 --- a/.github/workflows/autobump.yml +++ b/.github/workflows/autobump.yml @@ -47,7 +47,8 @@ jobs: - name: Set up commit signing uses: Homebrew/actions/setup-commit-signing@master with: - signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} + ssh: true + signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Bump formulae env: @@ -55,7 +56,6 @@ jobs: HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.HOMEBREW_CORE_REPO_WORKFLOW_TOKEN }} HOMEBREW_GIT_COMMITTER_NAME: BrewTestBot HOMEBREW_GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} FORMULAE: ${{ inputs.formulae }} run: | BREW_BUMP=(brew bump --no-fork --open-pr --formulae) diff --git a/.github/workflows/create-replacement-pr.yml b/.github/workflows/create-replacement-pr.yml index 3b2d3fe85a9c6..9b5178c7b65ff 100644 --- a/.github/workflows/create-replacement-pr.yml +++ b/.github/workflows/create-replacement-pr.yml @@ -152,14 +152,14 @@ jobs: - name: Set up commit signing uses: Homebrew/actions/setup-commit-signing@master with: - signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} + ssh: true + signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Pull PR id: pr-pull working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} env: BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" - HOMEBREW_GPG_PASSPHRASE: ${{ inputs.autosquash && secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.HOMEBREW_CORE_PUBLIC_REPO_EMAIL_TOKEN }} MESSAGE: ${{ inputs.message }} AUTOSQUASH_FLAG: ${{ inputs.autosquash && '--autosquash' || '' }} @@ -193,7 +193,6 @@ jobs: working-directory: ${{steps.pr-pull.outputs.bottle_path}} env: BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} WARN_ON_UPLOAD_FAILURE_FLAG: ${{inputs.warn_on_upload_failure && '--warn-on-upload-failure' || ''}} @@ -216,7 +215,6 @@ jobs: env: GIT_COMMITTER_NAME: ${{ steps.git-user-config.outputs.name }} GIT_COMMITTER_EMAIL: ${{ steps.git-user-config.outputs.email }} - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} - name: Open replacement pull request id: create-pr diff --git a/.github/workflows/dispatch-build-bottle.yml b/.github/workflows/dispatch-build-bottle.yml index 341685734349b..e09a5b4323040 100644 --- a/.github/workflows/dispatch-build-bottle.yml +++ b/.github/workflows/dispatch-build-bottle.yml @@ -233,7 +233,8 @@ jobs: - name: Set up commit signing uses: Homebrew/actions/setup-commit-signing@master with: - signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} + ssh: true + signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Generate build provenance uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0 @@ -249,7 +250,6 @@ jobs: env: HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" HOMEBREW_CORE_PATH: ${{steps.set-up-homebrew.outputs.repository-path}} working-directory: ${{ env.BOTTLES_DIR }} @@ -267,7 +267,6 @@ jobs: env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} - name: Open PR with bottle commit id: create-pr diff --git a/.github/workflows/dispatch-rebottle.yml b/.github/workflows/dispatch-rebottle.yml index 8401d90dd27ff..767f06b1dd7e2 100644 --- a/.github/workflows/dispatch-rebottle.yml +++ b/.github/workflows/dispatch-rebottle.yml @@ -170,7 +170,8 @@ jobs: - name: Set up commit signing uses: Homebrew/actions/setup-commit-signing@master with: - signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} + ssh: true + signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Generate build provenance uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # v2.2.0 @@ -186,7 +187,6 @@ jobs: env: HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" HOMEBREW_CORE_PATH: ${{steps.set-up-homebrew.outputs.repository-path}} working-directory: ${{ env.BOTTLES_DIR }} @@ -204,7 +204,6 @@ jobs: env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} - name: Open PR with bottle commit id: create-pr diff --git a/.github/workflows/publish-commit-bottles.yml b/.github/workflows/publish-commit-bottles.yml index 44cd0313bad2e..fc444d27fe883 100644 --- a/.github/workflows/publish-commit-bottles.yml +++ b/.github/workflows/publish-commit-bottles.yml @@ -299,7 +299,8 @@ jobs: - name: Set up commit signing uses: Homebrew/actions/setup-commit-signing@master with: - signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} + ssh: true + signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Checkout PR branch working-directory: ${{steps.set-up-homebrew.outputs.repository-path}} @@ -312,7 +313,6 @@ jobs: working-directory: ${{steps.set-up-homebrew.outputs.repository-path}} env: BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" - HOMEBREW_GPG_PASSPHRASE: ${{ inputs.autosquash && secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_GITHUB_API_TOKEN: ${{secrets.HOMEBREW_CORE_PUBLIC_REPO_EMAIL_TOKEN}} EXPECTED_SHA: ${{needs.check.outputs.head_sha}} LARGE_RUNNER: ${{inputs.large_runner}} @@ -363,7 +363,6 @@ jobs: working-directory: ${{steps.pr-pull.outputs.bottle_path}} env: BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} REPO_PATH: ${{steps.set-up-homebrew.outputs.repository-path}} @@ -391,7 +390,6 @@ jobs: env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} - name: Add CI-published-bottle-commits label run: gh pr edit --add-label CI-published-bottle-commits "$PR" --repo "$GITHUB_REPOSITORY" diff --git a/.github/workflows/remove-disabled-packages.yml b/.github/workflows/remove-disabled-packages.yml index 4ffd568dcc08b..ae1eefeb47989 100644 --- a/.github/workflows/remove-disabled-packages.yml +++ b/.github/workflows/remove-disabled-packages.yml @@ -52,7 +52,8 @@ jobs: - name: Set up commit signing uses: Homebrew/actions/setup-commit-signing@master with: - signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} + ssh: true + signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Checkout removal branch run: git checkout -b "$REMOVAL_BRANCH" origin/master @@ -62,7 +63,6 @@ jobs: id: remove_disabled uses: Homebrew/actions/remove-disabled-packages@master env: - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_EVAL_ALL: 1 - name: Push commits @@ -75,7 +75,6 @@ jobs: env: GIT_COMMITTER_NAME: ${{ steps.git-user-config.outputs.name }} GIT_COMMITTER_EMAIL: ${{ steps.git-user-config.outputs.email }} - HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} - name: Create pull request if: fromJson(steps.remove_disabled.outputs.packages-removed)