test3

.github/workflows/release.yml

@@ -34,11 +34,18 @@ jobs:
  -
  name: Import GPG key
  id: import_gpg
- uses: hashicorp/[email protected]
- env:
- # These secrets will need to be configured for the repository:
- GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- PASSPHRASE: ${{ secrets.PASSPHRASE }}
+ uses: crazy-max/ghaction-import-gpg@v4
+ with:
+ gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+ passphrase: ${{ secrets.PASSPHRASE }}
+# -
+# name: Import GPG key
+# id: import_gpg
+# uses: hashicorp/[email protected]
+# env:
+# # These secrets will need to be configured for the repository:
+# GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+# PASSPHRASE: ${{ secrets.PASSPHRASE }}
  -
  name: Run GoReleaser
  uses: goreleaser/[email protected]
@@ -47,7 +54,6 @@ jobs:
  args: release --rm-dist
  env:
  GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
- # GitHub sets this automatically
- GITHUB_TOKEN: ${{ secrets.GH_PAT }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
  PASSPHRASE: ${{ secrets.PASSPHRASE }}

.goreleaser.yml

@@ -39,14 +39,17 @@ checksum:
  algorithm: sha256
 signs:
  - artifacts: checksum
- args:
- - "--batch"
- - "-u"
- - "{{ .Env.GPG_FINGERPRINT }}"
- - "--output"
- - "${signature}"
- - "--detach-sign"
- - "${artifact}"
+ args: ["--batch", "-u", "{{ .Env.GPG_FINGERPRINT }}", "--output", "${signature}", "--detach-sign", "${artifact}"]
+#signs:
+# - artifacts: checksum
+# args:
+# - "--batch"
+# - "-u"
+# - "{{ .Env.GPG_FINGERPRINT }}"
+# - "--output"
+# - "${signature}"
+# - "--detach-sign"
+# - "${artifact}"
 release:
  # If you want to manually examine the release before its live, uncomment this line:
  # draft: true