serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-26 21:53:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

ci: reject tags if not signed by Matthew Holt's key (#3932)

Browse source 
* ci: reject tags if not signed by Matthew Holt's key

* ci: don't reject tags if an intermediate commits are not signed
This commit is contained in:
Mohammed Al Sahaf 2020-12-29 22:52:13 +03:00 committed by GitHub
parent 635f075f18
commit 2b90cdba52
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.github/workflows/release.yml vendored
View file

@ -53,6 +53,16 @@ jobs:
echo "::set-output name=tag_patch::${TAG_PATCH}"
echo "::set-output name=tag_special::${TAG_SPECIAL}"
- name: Validate commits and tag signatures
run: |
# Import Matt Holt's key
curl 'https://github.com/mholt.gpg' | gpg --import
echo "Verifying the tag: ${{ steps.vars.outputs.version_tag }}"
# tags are only accepted if signed by Matt's key
git verify-tag "${{ steps.vars.outputs.version_tag }}" || exit 1
- name: Cache the build cache
uses: actions/cache@v2
with: