diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index a4abbfef5..788f9f82a 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -54,13 +54,14 @@ jobs: chown -R builder:builder /tmp/build-distcc-avahi cd /tmp/build-distcc-avahi sudo -u builder -H makepkg --nocheck --noconfirm --syncdeps --cleanbuild - ls -la *.pkg.tar.zst + ls -la *.pkg.tar.* | grep -v "\.sig$" - name: sign package run: | set -e cd /tmp/build-distcc-avahi - for f in *.pkg.tar.zst; do + for f in *.pkg.tar.xz *.pkg.tar.zst *.pkg.tar.gz; do + [ -f "$f" ] || continue gpg --batch --pinentry-mode loopback --passphrase-file /root/repo_pass \ --detach-sign --yes -u 92D5E96D8F63C75E4116AA1FF5C8C4603D0D250C "$f" done @@ -75,13 +76,24 @@ jobs: curl -sSL https://packages.reauktion.de/arch/aarch64/marfrit.db.tar.gz -o marfrit.db.tar.gz || true curl -sSL https://packages.reauktion.de/arch/aarch64/marfrit.files.tar.gz -o marfrit.files.tar.gz || true # move freshly built package(s) in - mv /tmp/build-distcc-avahi/*.pkg.tar.zst . - mv /tmp/build-distcc-avahi/*.pkg.tar.zst.sig . + for ext in xz zst gz; do + ls /tmp/build-distcc-avahi/*.pkg.tar.$ext 2>/dev/null && \ + mv /tmp/build-distcc-avahi/*.pkg.tar.$ext /tmp/build-distcc-avahi/*.pkg.tar.$ext.sig . + done || true # regenerate the db, signing it with our key - GPG_TTY= \ - GNUPGHOME=/root/.gnupg \ + export GPG_TTY="" + export GNUPGHOME=/root/.gnupg + # repo-add wants explicit passphrase; wrap via gpg-agent loopback + cat > /root/.gnupg/gpg.conf < /root/.gnupg/gpg-agent.conf <