[build] Sign SHA files and release public key

Closes #6344 Authored by: Grub4K
2025-08-10 18:59:39 +00:00 · 2023-03-03 22:36:30 +05:30
parent 77df20f14c
commit 12647e03d4
5 changed files with 56 additions and 1 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -30,6 +30,9 @@ on:
      meta_files:
        default: true
        type: boolean
+    secrets:
+      GPG_SIGNING_KEY:
+        required: false

  workflow_dispatch:
    inputs:
@@ -330,6 +333,16 @@ jobs:
          lock 2022.08.18.36 .+ Python 3.6
          EOF

+      - name: Sign checksum files
+        env:
+          GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
+        if: env.GPG_SIGNING_KEY != ''
+        run: |
+          gpg --batch --import <<< "${{ secrets.GPG_SIGNING_KEY }}"
+          for signfile in ./SHA*SUMS; do
+            gpg --batch --detach-sign "$signfile"
+          done
+
      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with: