Add Action

2025-03-23 23:28:37 +01:00 · 2025-03-23 23:28:37 +01:00 · bf5f3a3981
commit bf5f3a3981
parent 350a6e474b
2 changed files with 92 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1,2 +1,42 @@
-# verified-commit
+# [Action] Signed Commits
 This GitHub Action sets up GPG and Git configuration for repositories, enabling signed commits.
 ## Features
 - Imports a GPG key and configures it for commit signing
 - Sets global Git configurations for `user.name`, `user.email`, and GPG signing key
 ## Usage
 ### Step 1: Add the Action to Your Workflow
 To use this action in a repository, include it as a step in your workflow YAML file, specifying the required secrets:
 ```yaml
 jobs:
  setup-gpg-git:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Configure GPG and Git for Signed Commits
        uses: https://git.kasper.onl/automations/verified-commit@v0.0.1
        with:
          GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
          GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
          GIT_USERNAME: "Jane Doe"
          GIT_EMAIL: "jane.doe@example.com"
 ```
 ### Step 2: Add Required Secrets
 For this action to work, you'll need to add the following secrets to your GitHub repository:
 1. **GPG_SIGNING_KEY**: Your GPG signing key, base64-encoded.
 2. **GPG_PASSPHRASE**: The passphrase associated with your GPG key.
 3. **GPG_KEY_ID**: The ID of the GPG key used for signing
 4. **GIT_USERNAME**: The username for the Git Config
 5. **GIT_EMAIL**: The E-Mail for the Git Config
--- a/action.yaml
+++ b/action.yaml
@ -0,0 +1,51 @@
 name: "Configure GPG and Git for Signed Commits"
 description: "Sets up GPG and Git configuration for signed commits"
 author: "Florian Kasper"
 inputs:
  GPG_SIGNING_KEY:
    description: "Base64 encoded GPG signing key"
    required: true
  GPG_PASSPHRASE:
    description: "Passphrase for the GPG key"
    required: true
  GPG_KEY_ID:
    description: "GPG key ID"
    required: true
  GIT_USERNAME:
    description: "Name of the Git User"
    required: false
  GIT_EMAIL:
    description: "E-Mail of the verified User"
    required: false
 runs:
  using: "composite"
  steps:
    - name: Configure GPG
      shell: bash
      run: |
        echo -n "${{ inputs.GPG_SIGNING_KEY }}" | base64 --decode > gpg.key
        gpg --batch --yes --passphrase "${{ inputs.GPG_PASSPHRASE }}" --pinentry-mode loopback --import gpg.key
        rm gpg.key
        mkdir -p ~/.gnupg
        cat <<EOF > ~/.gnupg/gpg.conf
        use-agent
        EOF
        cat <<EOF > ~/.gnupg/gpg-agent.conf
        allow-loopback-pinentry
        EOF
        gpg-connect-agent reloadagent /bye
    - name: Configure GIT
      shell: bash
      run: |
        git config --global user.name "${{ inputs.GIT_USERNAME }}"
        git config --global user.email "${{ inputs.GIT_EMAIL }}"
        git config --global user.signingkey "${{ inputs.GPG_KEY_ID }}"
        git config --global commit.gpgsign true
        git config --global gpg.program gpg
        echo "${{ inputs.GPG_PASSPHRASE }}" | gpg --batch --yes --passphrase-fd 0 --pinentry-mode loopback --sign -u ${{ inputs.GPG_KEY_ID }} -o /dev/null