From 832dbbe180cb570f2616df66477bb5d67b149a41 Mon Sep 17 00:00:00 2001 From: Jennifer Green Date: Thu, 5 Sep 2024 09:49:04 -0600 Subject: [PATCH] Update build_deb_package.yml --- .github/workflows/build_deb_package.yml | 26 ++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build_deb_package.yml b/.github/workflows/build_deb_package.yml index 9f10b8e..2f4c904 100644 --- a/.github/workflows/build_deb_package.yml +++ b/.github/workflows/build_deb_package.yml @@ -111,6 +111,7 @@ jobs: - name: Create APT repo if: success() run: | + su - set -e do_hash() { HASH_NAME=$1 @@ -154,32 +155,31 @@ jobs: echo "${GPG_PRIVATE_KEY}" > ~/.gnupg/private.key chmod 0700 ~/.gnupg chmod 0600 ~/.gnupg/*.key - sudo gpg -v --batch --import ~/.gnupg/public.key - sudo gpg -v --batch --import ~/.gnupg/private.key + gpg -v --batch --import ~/.gnupg/public.key + gpg -v --batch --import ~/.gnupg/private.key echo ":white_check_mark: ### Private and Public GPG Keys imported" >> $GITHUB_STEP_SUMMARY - GPG_KEY=( $(sudo gpg --list-keys --keyid-format=long | grep "^pub"| awk '{print $2}' | awk -F'/' '{print $2}') ) - sudo echo -e "$GPG_USERNAME\n$GPG_EMAIL\nNo Comment\no\n" | gpg --batch --command-fd 0 --expert --edit-key ${GPG_KEY[1]} adduid | tee -a $GITHUB_STEP_SUMMARY - sudo echo -e "5\ny\n" | gpg --batch --command-fd 0 --expert --edit-key ${GPG_KEY[1]} trust | tee -a $GITHUB_STEP_SUMMARY + GPG_KEY=( $(gpg --list-keys --keyid-format=long | grep "^pub"| awk '{print $2}' | awk -F'/' '{print $2}') ) + echo -e "$GPG_USERNAME\n$GPG_EMAIL\nNo Comment\no\n" | gpg --batch --command-fd 0 --expert --edit-key ${GPG_KEY[1]} adduid | tee -a $GITHUB_STEP_SUMMARY + echo -e "5\ny\n" | gpg --batch --command-fd 0 --expert --edit-key ${GPG_KEY[1]} trust | tee -a $GITHUB_STEP_SUMMARY echo ":white_check_mark: ### GPG key edit adduid and trust complete" >> $GITHUB_STEP_SUMMARY - sudo gpg --list-keys ${GPG_USERNAME} | tee -a $GITHUB_STEP_SUMMARY + gpg --list-keys ${GPG_USERNAME} | tee -a $GITHUB_STEP_SUMMARY cd ${deb_pkg_dir} && file ovis-ldms_4.4.3-1_arm64.deb - sudo cat << EOF >~/.gnupg/gpg-passwd.txt + cat << EOF >~/.gnupg/gpg-passwd.txt ${GPG_PASSWORD} EOF - sudo cat << EOF >~/.gnupg/gpg.conf + cat << EOF >~/.gnupg/gpg.conf use-agent pinentry-mode loopback EOF - sudo cat << EOF >~/.gnupg/gpg-agent.conf + cat << EOF >~/.gnupg/gpg-agent.conf allow-loopback-pinentry EOF - sudo cp -Rf ~runner/.gnupg /root/. - sudo echo RELOADAGENT | gpg-connect-agent + echo RELOADAGENT | gpg-connect-agent tty=$(which tty) - sudo export GPG_TTY=$tty + export GPG_TTY=$tty ls -al ovis-ldms_4.4.3-1_arm64.deb && echo ":white_check_mark: $(pwd)/ovis-ldms_4.4.3-1_arm64.deb is $(file ovis-ldms_4.4.3-1_arm64.deb)" | tee -a $GITHUB_STEP_SUMMARY echo "Signing with dpkg-sig" | tee -a $GITHUB_STEP_SUMMARY - sudo dpkg-sig -k ${GPG_KEY[1]} --gpg-options '--passphrase-file ~/.gnupg/gpg-passwd.txt' --sign builder ovis-ldms_4.4.3-1_arm64.deb + dpkg-sig -k ${GPG_KEY[1]} --gpg-options '--passphrase-file ~/.gnupg/gpg-passwd.txt' --sign builder ovis-ldms_4.4.3-1_arm64.deb echo ":white_check_mark: ### Apt-repo signed" >> $GITHUB_STEP_SUMMARY - name: Build Test Server