goreleaser / goreleaser-cross

Docker image for Golang cross-compiling with CGO
MIT License
156 stars 26 forks source link

signing failed: No secret key #33

Open linouk23 opened 1 year ago

linouk23 commented 1 year ago

Hi there,

First of all, thanks to you all for creating such an amazing project!

I've been trying to update my project to use https://github.com/goreleaser/goreleaser-cross instead of https://github.com/goreleaser/goreleaser.

More specifically, I've updated this line to be make release-dry-run to match this.

However, I've been getting an error during make release step (more specifically, during signing artifacts step):

...
    • signing                                        artifact=terraform-provider-confluent-internal_1.34.4_SHA256SUMS cmd=gpg signature=dist/terraform-provider-confluent-internal_1.34.4_SHA256SUMS.sig02:34
  ⨯ release failed after 36s                 error=sign: gpg failed: exit status 2: gpg: directory '/root/.gnupg' created02:34
gpg: keybox '/root/.gnupg/pubring.kbx' created02:34
gpg: skipped "766DB83696A47670296E603FD4A2B1EDB0EC0C8E": No secret key # where 766... is my GPG_FINGERPRINT
gpg: signing failed: No secret key
make: *** [Makefile:125: release-dry-run] Error 1

I double checked the README but it only references 3 env vars and Goreleaser variables (that I didn't manage to find a full list of): image.

Here's a list of env vars I do provide:

          - 'echo "GOPATH=${GOPATH}" >> .release-env'
          - 'echo "GPG_FINGERPRINT=${GPG_FINGERPRINT}" >> .release-env'
          - 'echo "GPG_PASSWORD=${GPG_PASSWORD}" >> .release-env'
          - 'echo "GPG_KEY=${GPG_PRIVATE_KEY}" >> .release-env'

If that helps, here's a project that seems to be related that shares:

        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
          GORELEASER_KEY: ${{ secrets.GORELEASER_PRO_KEY }}
troian commented 1 year ago

hi, sorry for late reply. does /root/.gnupg have private key in it?