9999
100100 # Create a GPG wrapper script that always uses loopback pinentry mode
101101 # This ensures GPG never tries to access /dev/tty regardless of how it's invoked
102+ # We embed GNUPGHOME directly so the wrapper works even if env isn't inherited
102103 GPG_WRAPPER="$GNUPGHOME/gpg-wrapper.sh"
103- printf '%s\n' '#!/bin/bash' 'exec gpg --pinentry-mode loopback "$@"' > "$GPG_WRAPPER"
104+ printf '%s\n' '#!/bin/bash' "export GNUPGHOME=\"$GNUPGHOME\"" 'exec gpg --homedir "$GNUPGHOME" --pinentry-mode loopback "$@"' > "$GPG_WRAPPER"
104105 chmod 755 "$GPG_WRAPPER"
105106
106107 # Export wrapper path for git to use
@@ -180,7 +181,7 @@ runs:
180181 if [ -n "$IMPORT_OUTPUT" ]; then
181182 FINGERPRINT="$IMPORT_OUTPUT"
182183 else
183- FINGERPRINT=$(gpg --list-secret-keys --with-colons | { grep fpr || true; } | head -1 | cut -d':' -f10)
184+ FINGERPRINT=$(gpg --pinentry-mode loopback -- list-secret-keys --with-colons | { grep fpr || true; } | head -1 | cut -d':' -f10)
184185 fi
185186
186187 # ----------------------------------------------------------
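Review bot: The new FINGERPRINT assignment spells the command as `-- list-secret-keys`, with a space after `--`, so gpg would see a bare `--` (end of options) and then treat `list-secret-keys` and `--with-colons` as plain arguments instead of running the `--list-secret-keys` command. Because the pipeline goes through `{ grep fpr || true; }`, that failure would be silent and FINGERPRINT would just end up empty. The USER_ID assignment in the next hunk has the same spelling, while the KEYGRIP line further down uses `--list-secret-keys` correctly. Unless this is an artifact of how the page was rendered, both lines should read `gpg --pinentry-mode loopback --list-secret-keys --with-colons ...`. No non-empty check on FINGERPRINT is visible in this hunk; adding one such as `[ -n "$FINGERPRINT" ] || { echo "no secret key found" >&2; exit 1; }` would turn this kind of mistake into a hard error rather than an unsigned or mis-attributed commit later.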
@@ -197,7 +198,7 @@ runs:
197198 # ----------------------------------------------------------
198199 # The 'uid' line in --with-colons format contains the user ID in field 10.
199200 # Format is typically: "Real Name <email@example.com>"
200- USER_ID=$(gpg --list-secret-keys --with-colons "$FINGERPRINT" | { grep uid || true; } | head -1 | cut -d':' -f10)
201+ USER_ID=$(gpg --pinentry-mode loopback -- list-secret-keys --with-colons "$FINGERPRINT" | { grep uid || true; } | head -1 | cut -d':' -f10)
201202
202203 # Parse email (inside angle brackets) and name (before angle brackets)
203204 USER_EMAIL=""
@@ -268,7 +269,8 @@ runs:
268269
269270 # Extract keygrip from machine-readable output.
270271 # 'grp' line contains the keygrip in field 10.
271- KEYGRIP=$(gpg --list-secret-keys --with-colons --with-keygrip "$SIGNING_KEY" | { grep grp || true; } | head -1 | cut -d':' -f10)
272+ # --pinentry-mode loopback prevents TTY prompts
273+ KEYGRIP=$(gpg --pinentry-mode loopback --list-secret-keys --with-colons --with-keygrip "$SIGNING_KEY" | { grep grp || true; } | head -1 | cut -d':' -f10)
272274 KEYGRIP="${KEYGRIP:-}" # Ensure variable is defined (empty if not found)
273275
274276 # ----------------------------------------------------------