admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity

ci: switch to SSH signing everywhere

Browse Source 
Signed-off-by: William Woodruff <william@yossarian.net>
This commit is contained in:
William Woodruff 2025-02-03 21:56:57 +01:00
parent c5e2aa63e5
commit 3ec71d8acc
No known key found for this signature in database
5 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/schemas.yml vendored
View File

@ -37,13 +37,13 @@ jobs:
- name: Set up commit signing - name: Set up commit signing
uses: Homebrew/actions/setup-commit-signing@master uses: Homebrew/actions/setup-commit-signing@master
with: with:
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} ssh: true
signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }}
- name: Update schema data - name: Update schema data
id: update id: update
env: env:
GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }} GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }}
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
run: | run: |
git fetch origin git fetch origin

4
.github/workflows/sorbet.yml vendored
View File

@ -45,7 +45,8 @@ jobs:
if: github.event_name != 'pull_request' if: github.event_name != 'pull_request'
uses: Homebrew/actions/setup-commit-signing@master uses: Homebrew/actions/setup-commit-signing@master
with: with:
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} ssh: true
signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }}
- name: Update RBI files - name: Update RBI files
id: update id: update
@ -74,7 +75,6 @@ jobs:
if: github.event_name != 'pull_request' if: github.event_name != 'pull_request'
env: env:
GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }} GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }}
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
run: | run: |
if ! git diff --stat --exit-code "Library/Homebrew/sorbet" if ! git diff --stat --exit-code "Library/Homebrew/sorbet"

4
.github/workflows/spdx.yml vendored
View File

@ -37,13 +37,13 @@ jobs:
- name: Set up commit signing - name: Set up commit signing
uses: Homebrew/actions/setup-commit-signing@master uses: Homebrew/actions/setup-commit-signing@master
with: with:
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} ssh: true
signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }}
- name: Update SPDX license data - name: Update SPDX license data
id: update id: update
env: env:
GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }} GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }}
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
run: | run: |
git fetch origin git fetch origin

4
.github/workflows/sponsors-maintainers-man-completions.yml vendored
View File

@ -46,7 +46,8 @@ jobs:
- name: Set up commit signing - name: Set up commit signing
uses: Homebrew/actions/setup-commit-signing@master uses: Homebrew/actions/setup-commit-signing@master
with: with:
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} ssh: true
signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }}
- name: Cache Bundler RubyGems - name: Cache Bundler RubyGems
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
@ -120,7 +121,6 @@ jobs:
env: env:
GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }} GITHUB_TOKEN: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }}
HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.HOMEBREW_BREW_UPDATE_SPONSORS_MAINTAINERS_TOKEN }} HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.HOMEBREW_BREW_UPDATE_SPONSORS_MAINTAINERS_TOKEN }}
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
- name: Push commits - name: Push commits

6
.github/workflows/vendor-gems.yml vendored
View File

@ -47,7 +47,8 @@ jobs:
if: github.event_name == 'workflow_dispatch' if: github.event_name == 'workflow_dispatch'
uses: Homebrew/actions/setup-commit-signing@master uses: Homebrew/actions/setup-commit-signing@master
with: with:
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} ssh: true
signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }}
- name: Check out pull request - name: Check out pull request
id: checkout id: checkout
@ -66,8 +67,6 @@ jobs:
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
- name: Vendor Gems - name: Vendor Gems
env:
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
run: | run: |
if [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]] if [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]]
then then
@ -83,7 +82,6 @@ jobs:
if: github.event_name == 'workflow_dispatch' if: github.event_name == 'workflow_dispatch'
env: env:
GEM_NAME: ${{ steps.checkout.outputs.gem_name }} GEM_NAME: ${{ steps.checkout.outputs.gem_name }}
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
run: | run: |
if ! git diff --stat --exit-code "Library/Homebrew/sorbet" if ! git diff --stat --exit-code "Library/Homebrew/sorbet"