Hi, my Github Org has a hook setup , that rejects any commit that is not signed with GPG key.
So i've created a Service account , Created a new GPG key for that service account & configured my GIthub workflow to import the GPG key.
Here is how i am importing my GPG key & installing the semantic release:
- name: Import GPG key
run: |
openssl enc -d -aes-256-cbc -in git_gpg_keys.asc.enc -out /tmp/git_gpg_keys.asc -pass pass:$GPG_PASSPHRASE -pbkdf2
chmod 600 /tmp/git_gpg_keys.asc
# Import the gpg key
gpg --batch --yes --import /tmp/git_gpg_keys.asc
# Create a script to pass the passphrase to the gpg CLI called by git
echo '#! /bin/bash' > /tmp/gpg-with-passphrase
echo -n "$(which gpg) --pinentry-mode loopback --passphrase '$GPG_PASSPHRASE' --no-tty " >> /tmp/gpg-with-passphrase # -n = no new line for the next "echo" to works properly ; also quoted and env-ed because the passphrase could contains special chars like "$"
echo '"$@"' >> /tmp/gpg-with-passphrase # prevent interpreting "$@" and render it as is for the bin
chmod +x /tmp/gpg-with-passphrase # can be more secure if needed
git config --global user.signingKey "${{ secrets.GPG_KEY_ID }}"
git config --global commit.gpgSign true
git config --global tag.gpgSign false
git config --global push.gpgSign true
git config --global gpg.program /tmp/gpg-with-passphrase
env:
GPG_PASSPHRASE: ${{ secrets.GPG_KEY_PASSPHRASE }}
GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
- name: Install dependencies & Release
run: |
npm install
npx semantic-release --debug
i am receving this error. Could someone please help me?
Hi, my Github Org has a hook setup , that rejects any commit that is not signed with GPG key.
So i've created a Service account , Created a new GPG key for that service account & configured my GIthub workflow to import the GPG key.
Here is how i am importing my GPG key & installing the semantic release:
i am receving this error. Could someone please help me?
