diff --git a/.github/workflows/release-pontos-manually.yml b/.github/workflows/release-pontos-manually.yml new file mode 100644 index 00000000..b3eb5eab --- /dev/null +++ b/.github/workflows/release-pontos-manually.yml @@ -0,0 +1,54 @@ +name: Manually release gvm-libs with pontos + +on: + workflow_dispatch: + +jobs: + release-patch: + env: + GITHUB_USER: ${{ secrets.GREENBONE_BOT }} + GITHUB_MAIL: ${{ secrets.GREENBONE_BOT_MAIL }} + GITHUB_TOKEN: ${{ secrets.GREENBONE_BOT_TOKEN }} + GPG_KEY: ${{ secrets.GPG_KEY }} + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + name: Release patch with pontos + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@v2 + with: + persist-credentials: false + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.8 + - name: Install poetry and dependencies + uses: greenbone/actions/poetry@v1 + - name: Tell git who I am + run: | + git config --global user.name "${{ env.GITHUB_USER }}" + git config --global user.email "${{ env.GITHUB_MAIL }}" + git remote set-url origin https://${{ env.GITHUB_TOKEN }}@github.com/${{ github.repository }} + - run: echo "Current Branch is $GITHUB_BASE_REF" + - name: Prepare patch release with pontos + run: | + poetry run pontos-release prepare --patch + echo "VERSION=$(poetry run pontos-version show)" >> $GITHUB_ENV + - name: Release with pontos + run: | + poetry run pontos-release release + - name: Import key from secrets + run: | + echo -e "${{ env.GPG_KEY }}" >> tmp.file + gpg \ + --pinentry-mode loopback \ + --passphrase ${{ env.GPG_PASSPHRASE }} \ + --import tmp.file + rm tmp.file + - name: Sign with pontos-release sign + run: | + echo "Signing assets for ${{env.VERSION}}" + poetry run pontos-release sign \ + --signing-key ${{ env.GPG_FINGERPRINT }} \ + --passphrase ${{ env.GPG_PASSPHRASE }} \ + --release-version ${{ env.VERSION }}