From b453403782a04c353745dab27e69eaf864089362 Mon Sep 17 00:00:00 2001 From: Yaroslav Date: Wed, 27 Sep 2023 15:04:18 +0300 Subject: [PATCH 1/2] feat: add signed commits for automated releases --- .changeset/tidy-cheetahs-deny.md | 5 +++++ .github/actions/github-config/action.yml | 20 ++++++++++++++++++++ .github/actions/release/action.yml | 12 +++++++++++- .github/workflows/release.yml | 1 + 4 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 .changeset/tidy-cheetahs-deny.md create mode 100644 .github/actions/github-config/action.yml diff --git a/.changeset/tidy-cheetahs-deny.md b/.changeset/tidy-cheetahs-deny.md new file mode 100644 index 0000000..7bea4b9 --- /dev/null +++ b/.changeset/tidy-cheetahs-deny.md @@ -0,0 +1,5 @@ +--- +"@macpaw/macpaw-ui": patch +--- + +Changes to trigger patch release for testing that auto release is working well diff --git a/.github/actions/github-config/action.yml b/.github/actions/github-config/action.yml new file mode 100644 index 0000000..f5cce46 --- /dev/null +++ b/.github/actions/github-config/action.yml @@ -0,0 +1,20 @@ +name: 'github config' +description: 'Update GIT config with signing key' +inputs: + gpg-key-base64: + description: 'Base64 GPG key' + required: true +runs: + using: "composite" + steps: + - run: | + mkdir -p ${GITHUB_WORKSPACE}/.gpg + echo ${{ inputs.gpg-key-base64 }} | base64 -d > ${GITHUB_WORKSPACE}/.gpg/private.key + gpg --import ${GITHUB_WORKSPACE}/.gpg/private.key + + git config --global user.signingkey + git config --global commit.gpgsign true + git config user.name ci-macpaw + git config user.email admin+ci-gh@macpaw.com + shell: bash + name: Update git config diff --git a/.github/actions/release/action.yml b/.github/actions/release/action.yml index e667f4e..3425f41 100644 --- a/.github/actions/release/action.yml +++ b/.github/actions/release/action.yml @@ -29,13 +29,22 @@ inputs: description: 'The command to use to release' required: false default: 'release' + gpg-key-base64: + description: 'The base64 encoded GPG key to use' + required: true + default: '' outputs: release-ready: description: "Random number" value: ${{ steps.output-generator.outputs.release-ready }} runs: using: composite - steps: + steps: + - name: Configure git user + uses: ./.github/actions/github-config + with: + gpg-key-base64: ${{ inputs.gpg-key-base64 }} + - name: Prepare node uses: ./.github/actions/prepare-node id: prepare-node @@ -52,6 +61,7 @@ runs: publish: ${{ inputs.package-manager == 'npm' && format('npm run {0}', inputs.release-command) || format('{0} {1}', inputs.package-manager, inputs.release-command) }} title: ${{ inputs.release-pr-title }} commit: ${{ inputs.release-commit-message }} + setupGitUser: false env: GITHUB_TOKEN: ${{ inputs.github-token }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cfa45bd..a2de51b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -28,6 +28,7 @@ jobs: release-commit-message: 'chore(release): version update for packages' github-token: ${{ secrets.GITHUB_TOKEN }} release-command: 'changes:release' + gpg-key-base64: ${{ secrets.CI_GITHUB_GPG_KEY_BASE64 }} - name: Generate outputs id: releaseOutputs From 6f9064142ab69463449d3f7c6d3cb93bab00475c Mon Sep 17 00:00:00 2001 From: Yaroslav Date: Wed, 27 Sep 2023 15:29:09 +0300 Subject: [PATCH 2/2] chore: update gitignore --- .github/actions/release/action.yml | 1 - .gitignore | 3 +++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/release/action.yml b/.github/actions/release/action.yml index 3425f41..133fc41 100644 --- a/.github/actions/release/action.yml +++ b/.github/actions/release/action.yml @@ -32,7 +32,6 @@ inputs: gpg-key-base64: description: 'The base64 encoded GPG key to use' required: true - default: '' outputs: release-ready: description: "Random number" diff --git a/.gitignore b/.gitignore index aadb027..21687e6 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,6 @@ out # VS code setting **/.vscode/* + +# GPG key +.gpg \ No newline at end of file