Skip to content

Commit

Permalink
fixup! release: build unsigned Ubuntu .deb package
Browse files Browse the repository at this point in the history 
This avoids some Bash-only `sed` invocations to strip quotes where no
stripping is required if `az` is asked to output the value in a more
appropriate format.

Signed-off-by: Johannes Schindelin <[email protected]>
  • Loading branch information
@dscho
dscho committed Jan 20, 2025
1 parent c4514dc commit ed8287b
Showing 1 changed file with 3 additions and 8 deletions.
11 changes: 3 additions & 8 deletions .github/workflows/build-git-installers.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -607,14 +607,9 @@ jobs:
sudo apt-get install -y debsigs
# Download GPG key, passphrase, and keygrip from Azure Key Vault
key=$(az keyvault secret show --name $GPG_KEY_SECRET_NAME --vault-name $AZURE_VAULT --query "value")
passphrase=$(az keyvault secret show --name $GPG_PASSPHRASE_SECRET_NAME --vault-name $AZURE_VAULT --query "value")
keygrip=$(az keyvault secret show --name $GPG_KEYGRIP_SECRET_NAME --vault-name $AZURE_VAULT --query "value")
# Remove quotes from downloaded values
key=$(sed -e 's/^"//' -e 's/"$//' <<<"$key")
passphrase=$(sed -e 's/^"//' -e 's/"$//' <<<"$passphrase")
keygrip=$(sed -e 's/^"//' -e 's/"$//' <<<"$keygrip")
key="$(az keyvault secret show --name "$GPG_KEY_SECRET_NAME" --vault-name "$AZURE_VAULT" --query "value" --output tsv)"
passphrase="$(az keyvault secret show --name "$GPG_PASSPHRASE_SECRET_NAME" --vault-name "$AZURE_VAULT" --query "value" --output tsv)"
keygrip="$(az keyvault secret show --name "$GPG_KEYGRIP_SECRET_NAME" --vault-name "$AZURE_VAULT" --query "value" --output tsv)"
# Import GPG key
echo "$key" | base64 -d | gpg --import --no-tty --batch --yes
Expand Down

0 comments on commit ed8287b

Please sign in to comment.