semantic-release / git

:twisted_rightwards_arrows: semantic-release plugin to commit release assets to the project's git repository
MIT License

GPG Signatures Configuration #438

Closed AliSajid closed 1 year ago

AliSajid commented 1 year ago

Hi,

I am trying to set up GPG signing for all my commits, including those made by semantic-release. I use GitHub Actions for CI. I wanted to know whether the plugin picks up the GPG signature settings automatically from the environment or whether I need to explicitly modify the Git configuration during the CI run.

If there's no automatic detection, would it be possible for you to entertain a pull request that does that?

0x464e commented 1 year ago

Did you get this solved?
I'm also looking to have my release commit signed when using GitHub actions.

travi commented 1 year ago

https://github.com/semantic-release/git#gpg-signature

0x464e commented 1 year ago

> https://github.com/semantic-release/git#gpg-signature

Not sure if I'm stupid or you understood the question wrong, but that is about Travis, not GitHub Actions(?).
Anyway, I managed to get it working (after way too much struggle) by following this:
https://gist.github.com/vansergen/88eb7e71fea2e3bdaf6aa3e752371eb7

0x464e commented 1 year ago

Also, while I have you here and you might see these messages @travi, any idea why using a simple workflow like this didn't work with semantic-release?
https://github.com/crazy-max/ghaction-import-gpg

The semantic-release workflow just froze indefinitely (until I clicked cancel) after completing the release note generation step.
And I can confirm I set up that import gpg workflow correctly, because it worked and signed my commits just fine when I tried things other than semantic-release.

If you have no idea to throw out off the top of your head, that's fine. I can make an issue in some repo (not sure where I should make it), or just let the problem be. I'm also fine with my manual signing setup.

seebeen commented 1 year ago

Heya,

That action works, and commits are signed. You can see that here: oblakstudio/extremis-core

Here is the workflow that GPG signs everything.

extremis-core/.github/workflows/release.yml

Note the committer config in the release step, and see the specific GPG config.

0x464e commented 1 year ago

Interesting, because (if I remember correctly) I set up everything just like you did, but it just would not work.
Might give it a second try, but for now I'm just manually setting up gpg for signing commits (see https://github.com/0x464e/slideshow-video/blob/master/.github/workflows/release.yml)

seebeen commented 1 year ago

If you're doing the release as yourself, you can copy the parts from my config regarding the GPG action. If your committer config in the release step matches (BOTH name and email), everything should be signed.

Give it a go, and if it doesn't work, I'll take a look and make a PR :)

sheerlox commented 1 year ago

@0x464e

> The semantic-release workflow just froze indefinitely (until I clicked cancel) after completing the release note generation step.

> Interesting, because (if I remember correctly) I set up everything just like you did, but it just would not work.

I ran into this issue as well a few days ago. After investigation (notably turning execa debug mode on), the issue was coming from git trying to sign the tag. As lightweight tags cannot be signed, it automatically tries to make an annotated tag, which needs a message. For this reason, an editor is raised, hanging the process indefinitely.

The issue is in semantic-release and not its git plugin (which got me at first too), I've opened an issue there.

Let's track this here: https://github.com/semantic-release/semantic-release/issues/3065


Since the original issue was resolved by Matt's response and the Gist shared by 0x464e, I'm closing this issue and opened https://github.com/semantic-release/git/issues/498 to track the need to update the GPG documentation.
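The two findings in this thread (seebeen's point that the committer name and email in the release step must match the key's identity, and sheerlox's diagnosis that a global `tag.gpgSign` makes git open an editor for the lightweight tag and hang the job) can be combined into one workflow. The following is an added example written for this page; it is not code from the thread, from semantic-release or from the `ghaction-import-gpg` project. It assumes a Node project whose semantic-release config already includes `@semantic-release/git`, repository secrets named `GPG_PRIVATE_KEY` and `GPG_PASSPHRASE`, and the `@v4`/`@v6` action tags; the `git_*` inputs and the `name`/`email` outputs are those documented by `crazy-max/ghaction-import-gpg`.

```yaml
# Added example, not part of the original thread or project.
# Assumed names: secrets GPG_PRIVATE_KEY / GPG_PASSPHRASE, action tags @v4 / @v6.
name: release

on:
  push:
    branches: [main]

permissions:
  contents: write        # push the release commit and tag
  issues: write          # semantic-release comments on released issues
  pull-requests: write

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0              # semantic-release needs the full history to find the last tag
          persist-credentials: false  # do not leave the checkout token in .git/config

      - uses: actions/setup-node@v4
        with:
          node-version: lts/*

      - run: npm ci

      # Import the private key into the runner's keyring and point git at it.
      - name: Import GPG key
        id: import-gpg
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.GPG_PASSPHRASE }}
          git_user_signingkey: true   # git config user.signingkey <imported key>
          git_commit_gpgsign: true    # git config commit.gpgsign true
          # Keep tag signing OFF. semantic-release creates a lightweight tag; with
          # tag.gpgSign=true git upgrades it to an annotated tag, needs a message,
          # opens an editor and the job hangs after release-note generation.
          git_tag_gpgsign: false

      - name: Release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Committer identity must match the key's user ID (name AND email), or
          # GitHub shows the signature as "Unverified". Reuse the identity the
          # import step reports instead of retyping it.
          GIT_AUTHOR_NAME: ${{ steps.import-gpg.outputs.name }}
          GIT_AUTHOR_EMAIL: ${{ steps.import-gpg.outputs.email }}
          GIT_COMMITTER_NAME: ${{ steps.import-gpg.outputs.name }}
          GIT_COMMITTER_EMAIL: ${{ steps.import-gpg.outputs.email }}
        run: npx semantic-release
```

After a run, `git fetch && git verify-commit origin/main` (or `git log --show-signature -1`) on the release commit confirms the signature locally; GitHub only renders the "Verified" badge when the committer email is also a verified email on the account that published the public key. If the job still hangs at the tag step, check the runner's global git config for a stray `tag.gpgSign = true` from another step, since that is the setting that triggers the editor.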