Comments (2)
crazy-max
commented on June 1, 2024
1
Latest release should fix this issue, thanks for your feedback
from ghaction-import-gpg.
RomanBredehoft
commented on June 1, 2024
So I've taken a deeper look into the code and found a workaround to make it work. There seem to basically be 2 issues :
- if the
gpg-agent.conffile does not exist, an error is raised (while I believe we could just create it empty) - the
getGnupgHomefunction does not work properly
Regarding the second one, I believe the issue is that, for some reasons, my GPG's home directory is /root/.gnupg (the logs say Homedir : /root/.gnupg) while getGnupgHome returns .gnupg. The reason probably comes from line 27 in gpg.ts :
let homedir: string = path.join(process.env.HOME || '', '.gnupg');
Instead of process.env.HOME, we should probably use GPG's home directory from function getDirs for example. Or at least something similar that retrieve's the homedir from GPG directly. Or am i missing something ?
For now, this is how I managed to make it work :
- name: Create gpg-agent.conf file
run: |
# Get GPG's home directory
GPG_HOMEDIR="$(gpgconf --list-dirs | grep "^homedir:" | sed 's/homedir://')"
GPG_AGENT_CONF="${GPG_HOMEDIR}/gpg-agent.conf"
# Create GPG's home directory
mkdir "${GPG_HOMEDIR}"
# Create GPG's agent configuration file
touch "${GPG_AGENT_CONF}"
# Give permissions in order to avoid GPG unsafe warnings
chmod 600 "${GPG_HOMEDIR}"
# Store GPG's home directory as an environment variable
echo "GPG_HOMEDIR=${GPG_HOMEDIR}" >> "$GITHUB_ENV"
- name: Import GPG
uses: crazy-max/[email protected]
with:
gpg_private_key: ${{ secrets.BOT_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.BOT_GPG_PASSPHRASE }}
git_user_signingkey: true
git_tag_gpgsign: true
env:
GNUPGHOME: ${{ env.GPG_HOMEDIR }}
It seems that also I needed to add some permissions to the directory, else a "warning: unsafe permissions" was raised by GPG: https://gist.github.com/oseme-techguy/bae2e309c084d93b75a9b25f49718f85
Besides, even with that, I was not able to use the git_config_global option as it would raise an aobscure $HOME not set error. Solutions like in this topic did not solve anything. Fortunately, I did not need this and I could just avoid it.
Hope this gives a better idea of the issue !
from ghaction-import-gpg.
Related Issues (20)
- No errors but can't sign commits HOT 5
- Set trust on private key import HOT 2
- Transient ERR 67108891 Not found <GPG Agent> HOT 5
- Error: Misformed armored text HOT 1
- Delete key fails when you use set a subkey for the fingerprint input HOT 2
- Premature key removal in cleanup due to concurrency HOT 3
- 67108933 Not implemented <GPG Agent> HOT 3
- No secret key when signing with goreleaser HOT 1
- Allow using any UID from a key
- Deprecated Node.js 12 actions (Update to Node.js 16) HOT 2
- Unable to export GPG key HOT 3
- Keygrip empty
- SSH Signing-Key Support? HOT 1
- Input required and not supplied: gpg_private_key HOT 2
- openpgp is an outdated version that does not support ECC keys HOT 4
- Getting error `gpg: error reading key: No secret key` HOT 4
- Suggestion: pass or allow `--global` flag when configuring properties in `git config` HOT 2
- Post-cleanup GPG action generates a warning if the same key is imported twice HOT 1
- Support `if-asked` for `git-push-gpgsign` HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ghaction-import-gpg.