diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1979542..34a34a0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,11 +34,18 @@ jobs: - name: Import GPG key id: import_gpg - uses: hashicorp/ghaction-import-gpg@v2.1.0 - env: - # These secrets will need to be configured for the repository: - GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - PASSPHRASE: ${{ secrets.PASSPHRASE }} + uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} +# - +# name: Import GPG key +# id: import_gpg +# uses: hashicorp/ghaction-import-gpg@v2.1.0 +# env: +# # These secrets will need to be configured for the repository: +# GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} +# PASSPHRASE: ${{ secrets.PASSPHRASE }} - name: Run GoReleaser uses: goreleaser/goreleaser-action@v2.7.0 @@ -47,7 +54,6 @@ jobs: args: release --rm-dist env: GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - # GitHub sets this automatically - GITHUB_TOKEN: ${{ secrets.GH_PAT }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} PASSPHRASE: ${{ secrets.PASSPHRASE }} diff --git a/.goreleaser.yml b/.goreleaser.yml index b0682b8..4cd3a72 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -39,14 +39,17 @@ checksum: algorithm: sha256 signs: - artifacts: checksum - args: - - "--batch" - - "-u" - - "{{ .Env.GPG_FINGERPRINT }}" - - "--output" - - "${signature}" - - "--detach-sign" - - "${artifact}" + args: ["--batch", "-u", "{{ .Env.GPG_FINGERPRINT }}", "--output", "${signature}", "--detach-sign", "${artifact}"] +#signs: +# - artifacts: checksum +# args: +# - "--batch" +# - "-u" +# - "{{ .Env.GPG_FINGERPRINT }}" +# - "--output" +# - "${signature}" +# - "--detach-sign" +# - "${artifact}" release: # If you want to manually examine the release before its live, uncomment this line: # draft: true