генерировать временный ключ gpg в неинтерактивном режиме (автоматический режим)

с помощью https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html

      - name: gpg key generation - transient
      run: >
        export GNUPGHOME="$(mktemp -d)"
        cat >tempkey <<EOF
          %echo Generating a basic OpenPGP key
          Key-Type: DSA
          Key-Length: 1024
          Subkey-Type: ELG-E
          Subkey-Length: 1024
          Name-Real: J143 Bot
          Name-Comment: with stupid passphrase
          Name-Email: j143+[bot]@protonmail.com
          Expire-Date: 0
          Passphrase: asdfghjkl
          # Do a commit here, so that we can later print "done" :-)
          %commit
          %echo done
        EOF
        gpg --batch --generate-key tempkey

попробовал это в действиях github (CI), у меня появляются следующие сообщения об ошибках:

      gpg: WARNING: unsafe ownership on homedir '/home/runner/gnupg_home'
gpg: failed to create temporary file '/home/runner/gnupg_home/.#lk0x00005632ca729d00.fv-az269-930.1622': Permission denied
gpg: keyblock resource '/home/runner/gnupg_home/pubring.kbx': Permission denied
gpg: Generating a basic OpenPGP key
gpg: failed to create temporary file '/home/runner/gnupg_home/.#lk0x00005632ca732190.fv-az269-930.1622': Permission denied
gpg: can't connect to the agent: Permission denied
gpg: agent_genkey failed: No agent running
gpg: key generation failed: No agent running
gpg: done

с флагом -X

      [INFO] [DEBUG] Configuring mojo 'org.apache.maven.plugins:maven-gpg-plugin:1.6:sign' with basic configurator -->
[INFO] [DEBUG]   (f) ascDirectory = /home/runner/work/release-scripts/release-scripts/systemds/target/gpg
[INFO] [DEBUG]   (f) defaultKeyring = true
[INFO] [DEBUG]   (f) homedir = /home/runner/gnupghome
[INFO] [DEBUG]   (f) interactive = false
[INFO] [DEBUG]   (f) passphraseServerId = gpg.passphrase
[INFO] [DEBUG]   (f) project = MavenProject: org.apache.systemds:systemds:2.1.0-SNAPSHOT @ /home/runner/work/release-scripts/release-scripts/systemds/pom.xml
[INFO] [DEBUG]   (f) settings = org.apache.maven.execution.SettingsAdapter@596ad7fe
[INFO] [DEBUG]   (f) skip = false
[INFO] [DEBUG]   (f) useAgent = true
[INFO] [DEBUG] -- end configuration --
[INFO] [DEBUG] Generating signature for /home/runner/work/release-scripts/release-scripts/systemds/target/systemds-2.1.0-SNAPSHOT.jar

Полный файл рабочего процесса здесь: ./maven-publish.yml#L43-L98

Источник

0 ответов

Другие вопросы по тегам