try using on the fly gpg key generation

yelouarti · yelouarti · commit dad11149fbd4 · 2024-10-12T20:39:20.000+02:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -78,8 +78,40 @@ jobs:
           java-version: '17'
           distribution: 'temurin'
 
+      - name: Generate Dummy GPG Key
+        run: |
+          # Generate GPG key details
+          cat >key-details <<EOF
+          %echo Generating a dummy OpenPGP key
+          Key-Type: RSA
+          Key-Length: 2048
+          Name-Real: Dummy User
+          Name-Comment: For testing
+          Name-Email: dummy@example.com
+          Expire-Date: 0
+          %no-protection
+          %commit
+          %echo done
+          EOF
+          
+          # Generate the dummy GPG key
+          gpg --batch --generate-key key-details
+          
+          # Retrieve the key ID
+          KEY_ID=$(gpg --list-secret-keys --keyid-format LONG | grep '^sec' | awk '{print $2}' | awk -F'/' '{print $2}')
+          
+          # Export the key in ASCII-armored format
+          gpg --armor --export-secret-keys "$KEY_ID" > private.key
+          
+          # Set environment variables for Gradle
+          echo "SIGNING_KEY=$(cat private.key)" >> $GITHUB_ENV
+          echo "SIGNING_KEY_ID=$KEY_ID" >> $GITHUB_ENV
+
       - name: Dry Run Release
         run: ./gradlew clean assembleBundle -info --stacktrace
         env:
-          SIGNING_KEY: "dummy key for dry run"
-          SIGNING_PASSWORD: "dummy pw for dry run"
+          # Set Gradle signing properties via environment variables
+          ORG_GRADLE_PROJECT_signingKey: ${{ env.SIGNING_KEY }}
+          ORG_GRADLE_PROJECT_signingPassword: ""
+          ORG_GRADLE_PROJECT_signingKeyId: ${{ env.SIGNING_KEY_ID }}
+
