From 6879be0ad28062feb7a20b79f75e3e6e303b9e9e Mon Sep 17 00:00:00 2001
From: Alvin Huang <17609145+alvin-huang@users.noreply.github.com>
Date: Thu, 6 May 2021 13:55:44 -0400
Subject: [PATCH] add gpg private key importing
---
 README.md | 31 +++++++++++++++++++++++++++++++
 action.yml | 14 ++++++++++++++
 2 files changed, 45 insertions(+)
 create mode 100644 action.yml
diff --git a/README.md b/README.md
index 10ab767..3803628 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,33 @@
 # ghaction-import-gpg
 GitHub action to import GPG private key
+
+**Note [5/6/2021]:** This was supposed to be a fork ([paultyng/ghaction-import-gpg](https://github.com/paultyng/ghaction-import-gpg)) of a fork ([crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg)) of the upstream repo. Due to the restrictions on using a sign-only key, we encountered this [issue](https://github.com/crazy-max/ghaction-import-gpg/issues/58). This is an internal action that overrides this fork until the issue is resolved upstream.
+## Environment Variables
+
+Following environment variables must be used as `step.env` keys
+
+| Name | Description |
+|--------------------|---------------------------------------|
+| `GPG_PRIVATE_KEY` | GPG private key exported as an ASCII armored version (**required**) |
+| `PASSPHRASE` | Passphrase of the `GPG_PRIVATE_KEY` key if set |
+
+## Workflow Example
+
+```yaml
+name: sign
+on: push
+
+jobs:
+ goreleaser:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Import GPG key
+ id: import_gpg
+ uses: hashicorp/ghaction-import-gpg@v2.1.0
+ env:
+ GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+ PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+ - run: |
+ touch foo.txt
+ gpg --detach-sig foo.txt
+```
\ No newline at end of file
diff --git a/action.yml b/action.yml
new file mode 100644
index 0000000..6173d45
--- /dev/null
+++ b/action.yml
@@ -0,0 +1,14 @@
+# action.yml
+name: "GPG key import"
+description: "Import private GPG key"
+runs:
+ using: "composite"
+ steps:
+ - run: |
+ #
+ echo -e "${{ env.GPG_PRIVATE_KEY }}" | gpg --import --batch --no-tty
+ echo "hello world" > temp.txt
+ gpg --detach-sig --yes -v --output=/dev/null --pinentry-mode loopback --passphrase "${{ env.PASSPHRASE }}" temp.txt
+ rm temp.txt
+ shell: bash
+ name: import GPG key and prime passphrase
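Review bot: `echo -e "${{ env.GPG_PRIVATE_KEY }}"` and `--passphrase "${{ env.PASSPHRASE }}"` in the `run:` block splice the secret values into the script text before bash parses it, so a passphrase containing `"`, `$(` or a backtick breaks the quoting and is evaluated by the shell instead of being handed to gpg as data. Reading the values from the process environment avoids that: `echo -e "$GPG_PRIVATE_KEY" | gpg --import --batch --no-tty` and `gpg --detach-sig --yes --output=/dev/null --pinentry-mode loopback --passphrase "$PASSPHRASE" temp.txt`; the `step.env` keys the README asks callers to set should already be present in the composite step's environment, which is worth confirming on a runner (if they are not, an `env:` block on this step that maps the two names from the `env` context gives the same effect). Separately, `--passphrase` on the command line makes the value visible in the runner's process list for the duration of the gpg call, where `--passphrase-fd 0` fed from a pipe would not, and the `-v` flag adds verbose output that the priming step does not need.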