/
main.ts
119 lines (103 loc) · 4.27 KB
/
main.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
import * as core from '@actions/core';
import * as context from './context';
import * as git from './git';
import * as gpg from './gpg';
import * as openpgp from './openpgp';
import * as stateHelper from './state-helper';
async function run(): Promise<void> {
try {
let inputs: context.Inputs = await context.getInputs();
stateHelper.setGpgPrivateKey(inputs.gpgPrivateKey);
if (inputs.workdir && inputs.workdir !== '.') {
core.info(`📂 Using ${inputs.workdir} as working directory...`);
process.chdir(inputs.workdir);
}
const version = await gpg.getVersion();
const dirs = await gpg.getDirs();
await core.group(`📣 GnuPG info`, async () => {
core.info(`Version : ${version.gnupg} (libgcrypt ${version.libgcrypt})`);
core.info(`Libdir : ${dirs.libdir}`);
core.info(`Libexecdir : ${dirs.libexecdir}`);
core.info(`Datadir : ${dirs.datadir}`);
core.info(`Homedir : ${dirs.homedir}`);
});
const privateKey = await openpgp.readPrivateKey(inputs.gpgPrivateKey);
await core.group(`🔮 Checking GPG private key`, async () => {
core.info(`Fingerprint : ${privateKey.fingerprint}`);
core.info(`KeyID : ${privateKey.keyID}`);
core.info(`Name : ${privateKey.name}`);
core.info(`Email : ${privateKey.email}`);
core.info(`CreationTime : ${privateKey.creationTime}`);
});
await core.group(`🔑 Importing GPG private key`, async () => {
await gpg.importKey(inputs.gpgPrivateKey).then(stdout => {
core.info(stdout);
});
});
if (inputs.passphrase) {
core.info('⚙️ Configuring GnuPG agent');
await gpg.configureAgent(gpg.agentConfig);
core.info('📌 Getting keygrips');
await core.group(`📌 Getting keygrips`, async () => {
for (let keygrip of await gpg.getKeygrips(privateKey.fingerprint)) {
core.info(`🔓 Presetting passphrase for ${keygrip}`);
await gpg.presetPassphrase(keygrip, inputs.passphrase).then(stdout => {
core.debug(stdout);
});
}
});
}
core.info('🛒 Setting outputs...');
context.setOutput('fingerprint', privateKey.fingerprint);
context.setOutput('keyid', privateKey.keyID);
context.setOutput('name', privateKey.name);
context.setOutput('email', privateKey.email);
if (inputs.gitUserSigningkey) {
core.info('🔐 Setting GPG signing keyID for this Git repository');
await git.setConfig('user.signingkey', privateKey.keyID, inputs.gitConfigGlobal);
const userEmail = inputs.gitCommitterEmail || privateKey.email;
const userName = inputs.gitCommitterName || privateKey.name;
if (userEmail != privateKey.email) {
core.setFailed(`Committer email "${inputs.gitCommitterEmail}" (name: "${inputs.gitCommitterName}") does not match GPG private key email "${privateKey.email}" (name: "${privateKey.name}")`);
return;
}
core.info(`🔨 Configuring Git committer (${userName} <${userEmail}>)`);
await git.setConfig('user.name', userName, inputs.gitConfigGlobal);
await git.setConfig('user.email', userEmail, inputs.gitConfigGlobal);
if (inputs.gitCommitGpgsign) {
core.info('💎 Sign all commits automatically');
await git.setConfig('commit.gpgsign', 'true', inputs.gitConfigGlobal);
}
if (inputs.gitTagGpgsign) {
core.info('💎 Sign all tags automatically');
await git.setConfig('tag.gpgsign', 'true', inputs.gitConfigGlobal);
}
if (inputs.gitPushGpgsign) {
core.info('💎 Sign all pushes automatically');
await git.setConfig('push.gpgsign', inputs.gitPushGpgsign, inputs.gitConfigGlobal);
}
}
} catch (error) {
core.setFailed(error.message);
}
}
async function cleanup(): Promise<void> {
if (stateHelper.gpgPrivateKey.length <= 0) {
core.debug('GPG private key is not defined. Skipping cleanup.');
return;
}
try {
core.info('🚿 Removing keys');
const privateKey = await openpgp.readPrivateKey(stateHelper.gpgPrivateKey);
await gpg.deleteKey(privateKey.fingerprint);
core.info('💀 Killing GnuPG agent');
await gpg.killAgent();
} catch (error) {
core.warning(error.message);
}
}
if (!stateHelper.IsPost) {
run();
} else {
cleanup();
}