From 31ea73778133b915bb36ffd702b7ee8869bb6aad Mon Sep 17 00:00:00 2001 From: Jiaqi Luo <6218999+jiaqiluo@users.noreply.github.com> Date: Tue, 15 Oct 2024 16:51:08 -0700 Subject: [PATCH] find and use the secret subkey fingerprint which can be used for signing operations --- .github/workflows/pre-release.yaml | 6 ++---- .github/workflows/release.yaml | 6 ++---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/pre-release.yaml b/.github/workflows/pre-release.yaml index fc4da8f0..37f47ae0 100644 --- a/.github/workflows/pre-release.yaml +++ b/.github/workflows/pre-release.yaml @@ -39,10 +39,8 @@ jobs: echo "Importing gpg key" echo -n "$GPG_KEY" | base64 --decode | gpg --import --batch >/dev/null - # Print the list of secret key - gpg --list-secret-keys --with-colons - # Extract only the first full fingerprint from the list of secret keys - GPG_KEY_ID=$(gpg --list-secret-keys --with-colons | awk -F: '/^fpr/ {print $10; exit}') + # Extract the correct secret subkey fingerprint + GPG_KEY_ID=$(gpg --list-secret-keys --with-colons | awk -F: '/^ssb/ {found=1} found && /^fpr/ {print $10; exit}') echo "Extracted GPG Key ID: $GPG_KEY_ID" # Automatically trust the key by creating a trust level entry for the key (ultimate trust) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0778de52..67af3d01 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -39,10 +39,8 @@ jobs: echo "Importing gpg key" echo -n "$GPG_KEY" | base64 --decode | gpg --import --batch >/dev/null - # Print the list of secret key - gpg --list-secret-keys --with-colons - # Extract only the first full fingerprint from the list of secret keys - GPG_KEY_ID=$(gpg --list-secret-keys --with-colons | awk -F: '/^fpr/ {print $10; exit}') + # Extract the correct secret subkey fingerprint + GPG_KEY_ID=$(gpg --list-secret-keys --with-colons | awk -F: '/^ssb/ {found=1} found && /^fpr/ {print $10; exit}') echo "Extracted GPG Key ID: $GPG_KEY_ID" # Automatically trust the key by creating a trust level entry for the key (ultimate trust)