Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No secret key when signing with goreleaser #150

Closed
jackdelahunt opened this issue Sep 26, 2022 · 1 comment
Closed

No secret key when signing with goreleaser #150

jackdelahunt opened this issue Sep 26, 2022 · 1 comment

Comments

@jackdelahunt
Copy link

jackdelahunt commented Sep 26, 2022
edited
Loading

Behaviour

Steps to reproduce this issue

  1. Using this action with go releaser
  2. This is the job used when running here

Expected behavior

There should be a secret key that is usable in github action but this does not exist

Actual behaviour

Get the following error:

error=sign: gpg failed: exit status 2: gpg: skipped "16FD00780F650E14C1DADC0C7C6D3C2557522BBB": No secret key
| gpg: signing failed: No secret key

This is caused by no secret only public key

Configuration

  • PASSPRAHSE and GPG_PRIVATE_KEY are set in repo secrets as expected.
# Visit https://goreleaser.com for documentation on how to customize this
# behavior.
before:
  hooks:
    # this is just an example and not a requirement for provider building/publishing
    - go mod tidy
builds:
- env:
    # goreleaser does not work with CGO, it could also complicate
    # usage by users in CI/CD systems like Terraform Cloud where
    # they are unable to install libraries.
    - CGO_ENABLED=0
  mod_timestamp: '{{ .CommitTimestamp }}'
  flags:
    - -trimpath
  ldflags:
    - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
  goos:
    - darwin
  goarch:
    - arm64
  binary: '{{ .ProjectName }}_v{{ .Version }}'
archives:
- format: zip
  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
checksum:
  extra_files:
    - glob: 'terraform-registry-manifest.json'
      name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
  algorithm: sha256
signs:
  - artifacts: checksum
    cmd: gpg
    args: ['--batch', '--local-user', '{{ .Env.GPG_FINGERPRINT }}', '--output', '${signature}', '--detach-sign', '${artifact}']
release:
  extra_files:
    - glob: 'terraform-registry-manifest.json'
      name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
  # If you want to manually examine the release before its live, uncomment this line:
  # draft: true
changelog:
  skip: true
@hatamiarash7
Copy link

I have this problem. How did you solve that?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hatamiarash7 @jackdelahunt