From 91f01c9c51b994469f0391faba326859a249cf15 Mon Sep 17 00:00:00 2001 From: trivernis Date: Sat, 17 Apr 2021 11:38:58 +0200 Subject: [PATCH 1/3] Add gpg sign test to debug action Signed-off-by: trivernis --- .github/workflows/build.yml | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d9809d2..f2b4f99 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -42,4 +42,25 @@ jobs: run: cargo test --verbose --package bot-database - name: Test binary - run: cargo test --verbose \ No newline at end of file + run: cargo test --verbose + + - name: Move binaries + run: mv target/x86_64-unknown-linux-gnu/debug/tobi-rs target/tobi-rs-linux-x86_64_debug + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v3 + with: + gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + + - name: Sign artifact + run: gpg --detach-sign --sign --armor --default-key steps.import_gpg.outputs.keyid --output target/tobi-rs-linux-x86_64_debug.sig target/tobi-rs-linux-x86_64_debug + + - name: Upload artifacts + uses: actions/upload-artifact@v2 + with: + name: tobi-rs-linux_debug + path: | + target/tobi-rs-linux-x86_64_debug + target/tobi-rs-linux-x86_64_debug.sig \ No newline at end of file From d1e8f0f51f9efb15025532d959e81e3ecfdcd99e Mon Sep 17 00:00:00 2001 From: trivernis Date: Sat, 17 Apr 2021 11:43:35 +0200 Subject: [PATCH 2/3] Fix path in move binaries step Signed-off-by: trivernis --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f2b4f99..2a54b9c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -45,7 +45,7 @@ jobs: run: cargo test --verbose - name: Move binaries - run: mv target/x86_64-unknown-linux-gnu/debug/tobi-rs target/tobi-rs-linux-x86_64_debug + run: mv target/debug/tobi-rs target/tobi-rs-linux-x86_64_debug - name: Import GPG key id: import_gpg From b763371603b50b1751fcddaa030ce5a592705f81 Mon Sep 17 00:00:00 2001 From: trivernis Date: Sat, 17 Apr 2021 11:52:58 +0200 Subject: [PATCH 3/3] Add sign artifact task to release build task Signed-off-by: trivernis --- .github/workflows/build-and-release.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-release.yml b/.github/workflows/build-and-release.yml index f596ff4..ad01fd5 100644 --- a/.github/workflows/build-and-release.yml +++ b/.github/workflows/build-and-release.yml @@ -16,6 +16,12 @@ jobs: with: toolchain: stable override: true + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v3 + with: + gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} - name: Cache cargo builds uses: actions/cache@v2 with: @@ -34,11 +40,15 @@ jobs: run: strip target/x86_64-unknown-linux-gnu/release/tobi-rs - name: Move binaries run: mv target/x86_64-unknown-linux-gnu/release/tobi-rs target/tobi-rs-linux-x86_64 + - name: Sign artifact + run: gpg --detach-sign --sign --armor --default-key steps.import_gpg.outputs.keyid --output target/tobi-rs-linux-x86_64.sig target/tobi-rs-linux-x86_64 - name: Upload artifacts uses: actions/upload-artifact@v2 with: name: tobi-rs-linux-x86_64 - path: target/tobi-rs-linux-x86_64 + path: | + target/tobi-rs-linux-x86_64 + target/tobi-rs-linux-x86_64.sig - name: publish release uses: "marvinpinto/action-automatic-releases@latest" with: @@ -46,4 +56,5 @@ jobs: prerelease: false files: | LICENSE - target/tobi-rs-linux-x86_64 \ No newline at end of file + target/tobi-rs-linux-x86_64 + target/tobi-rs-linux-x86_64.sig \ No newline at end of file