-
Notifications
You must be signed in to change notification settings - Fork 7
44 lines (36 loc) · 1.62 KB
/
signrelease.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
name: Sign and Release Module
on:
push:
branches:
- 'release/*'
jobs:
sign_and_release_module:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
path : ${{ github.event.repository.name }}
- name: Install GPG
run: sudo apt-get update && sudo apt-get install gnupg xmlstarlet -y
- name: Import GPG key
run: echo "${{ secrets.GPG_SIGNING_KEY }}" | base64 --decode | gpg --import
- name: Extract version and rawname from module.xml
id: extract_info
run: |
version=$(awk -F'[><]' '/<version>/{print $3; exit}' ./${{ github.event.repository.name }}/module.xml)
rawname=$(awk -F'[><]' '/<rawname>/{print $3; exit}' ./${{ github.event.repository.name }}/module.xml)
echo "MODULE_VERSION=$version" >> $GITHUB_ENV
echo "MODULE_RAWNAME=$rawname" >> $GITHUB_ENV
# Assuming your module build/packaging places the file and signing script in the working directory
- name: Sign module
run: |
chmod +x ./${{ github.event.repository.name }}/.github/workflows/sign.sh
./${{ github.event.repository.name }}/.github/workflows/sign.sh ${MODULE_RAWNAME} "${{ secrets.GPG_SIGNING_KEY }}" ./${{ github.event.repository.name }}/.github/workflows/exclude.txt
- name: Push signed module to releases
uses: softprops/action-gh-release@v1
with:
files: ${MODULE_RAWNAME}-${MODULE_VERSION}.tar.gz
tag_name: v${MODULE_VERSION}
title: Release ${MODULE_VERSION}
token: ${{ secrets.GITHUB_TOKEN }}