bugsnag-cocoa/.github/workflows/signing.yml at master · bugsnag/bugsnag-cocoa · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
name: Sign release assets

permissions: read-all

on:
  release:
    types: [released]
  workflow_dispatch:
    inputs:
      tag:
        description: 'Tag to sign'
        required: true
        type: string
jobs:
  sign-assets:
    runs-on: ubuntu-latest
    steps:
      - name: Install gpg
        run: |
          sudo apt-get update
          sudo apt-get install -y gnupg
      - name: Import GPG key
        run: |
          echo "${{ secrets.PLATFORMS_GPG_KEY_BASE64 }}" | base64 --decode | gpg --batch --import
      - name: Sign assets
        uses: bugsnag/platforms-release-signer@4d88944b11e503624f8a511cf6d0fa2901822b60 # v1.0.0
        with:
          github_token: ${{ secrets.PLATFORMS_SIGNING_GITHUB_TOKEN }}
          full_repository: ${{ github.repository }}
          release_tag: ${{ github.event_name == 'workflow_dispatch' && inputs.tag || github.event.release.tag_name }}
          key_id: ${{ secrets.PLATFORMS_GPG_KEY_ID }}
          key_passphrase: ${{ secrets.PLATFORMS_GPG_KEY_PASSPHRASE }}