Skip to content
Prerelease

Merge pull request #468 from jiaqiluo/fix-master-3 #6

Sign in to view logs

Merge pull request #468 from jiaqiluo/fix-master-3

Merge pull request #468 from jiaqiluo/fix-master-3 #6

Workflow file for this run

.github/workflows/pre-release.yaml at 25c89b1
name: Prerelease
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+'
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- uses: actions/checkout@v4
- name: build binaries
env:
CROSS: 1
VERSION: ${{ github.ref_name }}
run: |
make build
- name: package
run: |
make package
- name: retrieve GPG Credentials
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/key/credentials passphrase | GPG_PASSPHRASE ;
secret/data/github/repo/${{ github.repository }}/key/credentials key | GPG_KEY
- name: sign SHASUM
env:
GPG_KEY: ${{ env.GPG_KEY }}
GPG_PASSPHRASE: ${{ env.GPG_PASSPHRASE }}
run: |
echo "Importing gpg key"
echo -n "$GPG_KEY" | base64 --decode | gpg --import --batch >/dev/null
# Extract the key ID from the list of secret keys
GPG_KEY_ID=$(gpg --list-secret-keys --with-colons | awk -F: '/^sec/ {print $5}')
echo "Extracted GPG Key ID: $GPG_KEY_ID"
# Automatically trust the key by creating a trust level entry for the key (ultimate trust)
echo -e "$GPG_KEY_ID:6:" | gpg --import-ownertrust
echo "signing SHASUM file"
VERSION_NO_V=$(echo ${{ github.ref_name }} | sed "s/^[v|V]//")
SHASUM_FILE=dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_"$VERSION_NO_V"_SHA256SUMS
echo "$GPG_PASSPHRASE" | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --default-key "$GPG_KEY_ID" --output "$SHASUM_FILE".sig --sign "$SHASUM_FILE"
- name: GH release
env:
GH_TOKEN: ${{ github.token }}
run: |
gh release create ${{ github.ref_name }} --prerelease --verify-tag --generate-notes ./dist/artifacts/${{ github.ref_name }}/*