aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorligi <ligi@ligi.de>2018-05-09 07:13:53 +0800
committerFelix Lange <fjl@users.noreply.github.com>2018-05-09 07:13:53 +0800
commiteab6e5a317acf67409f82bc5c1f4d959413dfd47 (patch)
tree8ffb7cd4b55ff925ba77e82677ae31e208581fae
parentc4a4613d9504db43a26a3c79dda8bf6be0d1237a (diff)
downloadgo-tangerine-eab6e5a317acf67409f82bc5c1f4d959413dfd47.tar.gz
go-tangerine-eab6e5a317acf67409f82bc5c1f4d959413dfd47.tar.zst
go-tangerine-eab6e5a317acf67409f82bc5c1f4d959413dfd47.zip
build: specify the key to use when invoking gpg:sign-and-deploy-file (#16696)
-rw-r--r--build/ci.go21
-rw-r--r--internal/build/pgp.go12
2 files changed, 25 insertions, 8 deletions
diff --git a/build/ci.go b/build/ci.go
index 204c20675..79dcc146c 100644
--- a/build/ci.go
+++ b/build/ci.go
@@ -755,14 +755,18 @@ func doAndroidArchive(cmdline []string) {
os.Rename(archive, meta.Package+".aar")
if *signer != "" && *deploy != "" {
// Import the signing key into the local GPG instance
- if b64key := os.Getenv(*signer); b64key != "" {
- key, err := base64.StdEncoding.DecodeString(b64key)
- if err != nil {
- log.Fatalf("invalid base64 %s", *signer)
- }
- gpg := exec.Command("gpg", "--import")
- gpg.Stdin = bytes.NewReader(key)
- build.MustRun(gpg)
+ b64key := os.Getenv(*signer)
+ key, err := base64.StdEncoding.DecodeString(b64key)
+ if err != nil {
+ log.Fatalf("invalid base64 %s", *signer)
+ }
+ gpg := exec.Command("gpg", "--import")
+ gpg.Stdin = bytes.NewReader(key)
+ build.MustRun(gpg)
+
+ keyID, err := build.PGPKeyID(string(key))
+ if err != nil {
+ log.Fatal(err)
}
// Upload the artifacts to Sonatype and/or Maven Central
repo := *deploy + "/service/local/staging/deploy/maven2"
@@ -771,6 +775,7 @@ func doAndroidArchive(cmdline []string) {
}
build.MustRunCommand("mvn", "gpg:sign-and-deploy-file", "-e", "-X",
"-settings=build/mvn.settings", "-Durl="+repo, "-DrepositoryId=ossrh",
+ "-Dgpg.keyname="+keyID,
"-DpomFile="+meta.Package+".pom", "-Dfile="+meta.Package+".aar")
}
}
diff --git a/internal/build/pgp.go b/internal/build/pgp.go
index 79ab9c06f..c7d0d2339 100644
--- a/internal/build/pgp.go
+++ b/internal/build/pgp.go
@@ -57,3 +57,15 @@ func PGPSignFile(input string, output string, pgpkey string) error {
// Generate the signature and return
return openpgp.ArmoredDetachSign(out, keys[0], in, nil)
}
+
+// PGPKeyID parses an armored key and returns the key ID.
+func PGPKeyID(pgpkey string) (string, error) {
+ keys, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(pgpkey))
+ if err != nil {
+ return "", err
+ }
+ if len(keys) != 1 {
+ return "", fmt.Errorf("key count mismatch: have %d, want %d", len(keys), 1)
+ }
+ return keys[0].PrimaryKey.KeyIdString(), nil
+}