Update signing key to unexpired (#307) #18
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| tags: | |
| - "*" | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| os: [ubuntu-24.04, macos-14, windows-2025] | |
| include: | |
| - os: windows-2025 | |
| ext: .exe | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: IronCoreLabs/rust-toolchain@v1 | |
| - name: Build | |
| run: cargo build --release | |
| - name: Package release artifacts | |
| working-directory: target/release | |
| run: mv ironoxide-cli${{ matrix.ext }} ironoxide-cli-${{ matrix.os }}${{ matrix.ext }} | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-${{ matrix.os }} | |
| path: target/release/ironoxide-cli-${{ matrix.os }}${{ matrix.ext }} | |
| release: | |
| runs-on: ubuntu-24.04 | |
| needs: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Decrypt PGP key | |
| uses: IronCoreLabs/ironhide-actions/decrypt@v3 | |
| with: | |
| keys: ${{ secrets.IRONHIDE_KEYS }} | |
| input: .github/signing-key.asc.iron | |
| - name: Import PGP key | |
| run: gpg --batch --import .github/signing-key.asc | |
| - uses: actions/create-release@v1 | |
| id: release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.ref }} | |
| release_name: Version ${{ github.ref }} | |
| - name: Download release artifacts from ubuntu-24.04 | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-ubuntu-24.04 | |
| path: release/ubuntu-24.04 | |
| - name: Delete artifact | |
| uses: geekyeggo/delete-artifact@v5 | |
| with: | |
| name: release-ubuntu-24.04 | |
| failOnError: false | |
| - name: Sign artifact for ubuntu-24.04 | |
| run: | | |
| gpg --batch --detach-sign -a release/ubuntu-24.04/ironoxide-cli-ubuntu-24.04 | |
| gpg --batch --verify release/ubuntu-24.04/ironoxide-cli-ubuntu-24.04.asc release/ubuntu-24.04/ironoxide-cli-ubuntu-24.04 | |
| - name: Upload artifact for ubuntu-24.04 | |
| run: gh release upload ${{ github.ref }} release/ubuntu-24.04/ironoxide-cli-ubuntu-24.04 release/ubuntu-24.04/ironoxide-cli-ubuntu-24.04.asc --clobber | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Download release artifacts from macos-14 | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-macos-14 | |
| path: release/macos-14 | |
| - name: Delete artifact | |
| uses: geekyeggo/delete-artifact@v5 | |
| with: | |
| name: release-macos-14 | |
| failOnError: false | |
| - name: Sign artifact for macos-14 | |
| run: | | |
| gpg --batch --detach-sign -a release/macos-14/ironoxide-cli-macos-14 | |
| gpg --batch --verify release/macos-14/ironoxide-cli-macos-14.asc release/macos-14/ironoxide-cli-macos-14 | |
| - name: Upload artifact for macos-14 | |
| run: gh release upload ${{ github.ref }} release/macos-14/ironoxide-cli-macos-14 release/macos-14/ironoxide-cli-macos-14.asc --clobber | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Download release artifacts from windows-2025 | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-windows-2025 | |
| path: release/windows-2025 | |
| - name: Delete artifact | |
| uses: geekyeggo/delete-artifact@v5 | |
| with: | |
| name: release-windows-2025 | |
| failOnError: false | |
| - name: Sign artifact for windows-2025 | |
| run: | | |
| gpg --batch --detach-sign -a release/windows-2025/ironoxide-cli-windows-2025.exe | |
| gpg --batch --verify release/windows-2025/ironoxide-cli-windows-2025.exe.asc release/windows-2025/ironoxide-cli-windows-2025.exe | |
| - name: Upload artifact for windows-2025 | |
| run: gh release upload ${{ github.ref }} release/windows-2025/ironoxide-cli-windows-2025.exe release/windows-2025/ironoxide-cli-windows-2025.exe.asc --clobber | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |