From b2c96e6e1998a6a297a864576efb1d47e7f6a142 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Wro=C5=84ski?= <lukaszwronski98@gmail.com>
Date: Fri, 26 Aug 2022 13:48:56 +0200
Subject: [PATCH] GPG setup

---
 .github/scripts/gpg-setup.sh | 11 +++++++++++
 .github/workflows/ci.yml     |  4 +++-
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 .github/scripts/gpg-setup.sh

diff --git a/.github/scripts/gpg-setup.sh b/.github/scripts/gpg-setup.sh
new file mode 100644
index 0000000..827e054
--- /dev/null
+++ b/.github/scripts/gpg-setup.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+set -eu
+
+# from https://github.com/coursier/apps/blob/f1d2bf568bf466a98569a85c3f23c5f3a8eb5360/.github/scripts/gpg-setup.sh
+
+echo "$PGP_SECRET" | base64 --decode | gpg --import --no-tty --batch --yes
+
+echo "allow-loopback-pinentry" >>~/.gnupg/gpg-agent.conf
+echo "pinentry-mode loopback" >>~/.gnupg/gpg.conf
+
+gpg-connect-agent reloadagent /bye
\ No newline at end of file
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 072526d..d40e45b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -35,9 +35,11 @@ jobs:
       - uses: VirtusLab/scala-cli-setup@0dab3c3ec860f0443d4d25a56a549f9f46204389
         with:
           jvm: "temurin:17"
-      - run: ./mill -i ci.publishSonatype __.publishArtifacts
+      - run: .github/scripts/gpg-setup.sh
         env:
           PGP_SECRET: ${{ secrets.PUBLISH_SECRET_KEY }}
+      - run: ./mill -i ci.publishSonatype __.publishArtifacts
+        env:
           PGP_PASSPHRASE: ${{ secrets.PUBLISH_SECRET_KEY_PASSWORD }}
           SONATYPE_USERNAME: ${{ secrets.PUBLISH_USER }}
           SONATYPE_PASSWORD: ${{ secrets.PUBLISH_PASSWORD }}