|
24 | 24 | dnf upgrade -y |
25 | 25 | [[ "${{ matrix.version }}" -lt 10 ]] && dnf module enable -y maven:3.8 |
26 | 26 | [[ "${{ matrix.version }}" = 10 ]] && dnf install -y almalinux-release-devel |
27 | | - dnf install -y git maven-openjdk21 rpmdevtools rpmlint |
| 27 | + dnf install -y git maven-openjdk21 rpmdevtools rpmlint rpm-sign |
28 | 28 | - name: Setup build tree |
29 | 29 | run: | |
30 | 30 | echo "%_topdir $(pwd)/rpmbuild" >> ~/.rpmmacros |
@@ -64,11 +64,29 @@ jobs: |
64 | 64 | echo "Version POM: ${VERSION_POM}" |
65 | 65 | echo "Version RPM: ${VERSION_RPM}" |
66 | 66 | echo "Repo: ${REPO:-none}" |
| 67 | + - name: Import GPG key |
| 68 | + if: ${{ matrix.version != 8 }} |
| 69 | + env: |
| 70 | + MAVEN_GPG_KEY: ${{ secrets.MAVEN_GPG_KEY }} |
| 71 | + MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} |
| 72 | + run: | |
| 73 | + echo "${MAVEN_GPG_KEY}" > private-key.asc |
| 74 | + gpg --batch --import-options import-show --import private-key.asc |
| 75 | + rm private-key.asc |
| 76 | + gpg --export -a CNAFSD > RPM-GPG-KEY-pmanager |
| 77 | + rpm --import RPM-GPG-KEY-pmanager |
| 78 | + echo "%_gpg_name CNAFSD" >> ~/.rpmmacros |
| 79 | + echo "%_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase ${MAVEN_GPG_PASSPHRASE}" >> ~/.rpmmacros |
67 | 80 | - name: Build RPM |
68 | 81 | run: | |
69 | 82 | cp rpmbuild/BUILD/voms-api-java.spec rpmbuild/SPECS/voms-api-java.spec |
70 | 83 | rpmlint rpmbuild/SPECS/voms-api-java.spec |
71 | 84 | rpmbuild --define "base_version ${VERSION_RPM}" --define "version_pom ${VERSION_POM}" -ba rpmbuild/SPECS/voms-api-java.spec |
| 85 | + if [[ "${{ matrix.version }}" = 8 ]]; then |
| 86 | + echo "Skip signing on AlmaLinux 8 to avoid error: RPM-GPG-KEY-pmanager: key 1 import failed" |
| 87 | + exit 0 |
| 88 | + fi |
| 89 | + GPG_TTY="" rpm --addsign rpmbuild/RPMS/noarch/*.rpm |
72 | 90 | - uses: actions/upload-artifact@v4 |
73 | 91 | with: |
74 | 92 | name: build-rpm-${{ matrix.os }}-${{ matrix.version }} |
|
0 commit comments