From 21841d5db91fc1797c2a534652da5c5cf371f5a3 Mon Sep 17 00:00:00 2001 From: Kayanski Date: Fri, 15 Nov 2024 20:44:32 +0000 Subject: [PATCH] Signing everything inside circle ci --- .circleci/config.yml | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index bb5cdb5cd..4cf6322da 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -102,6 +102,16 @@ jobs: steps: - setup_remote_docker - checkout + - run: + name: Import GPG Key + command: | + echo -e "$GPG_PRIVATE_KEY" | gpg --import + echo -e "trust\n5\ny\n" | gpg --command-fd 0 --edit-key 4C19E4CC17E67B7B + - run: + name: Configure Git for Signing + command: | + git config --global user.signingkey 4C19E4CC17E67B7B + git config --global commit.gpgSign true - run: name: "Create build branch" command: | @@ -170,7 +180,7 @@ jobs: git pull # Check for wasm changes git add framework/artifacts --force - git commit -m 'Update framework WASM' || true + git commit -S -m 'Update framework WASM' || true git push origin "$CIRCLE_BRANCH-build" || true - run: name: Remove temporary branch if it failed during build framework @@ -228,7 +238,7 @@ jobs: git pull # Check for wasm changes git add modules/artifacts --force - git commit -m 'Update modules WASM [skip ci]' || true + git commit -S -m 'Update modules WASM [skip ci]' || true git push origin "$CIRCLE_BRANCH-build" || true - run: name: Remove temporary branch if it failed during building modules @@ -285,7 +295,7 @@ jobs: git pull # Check for schema changes git add schema --force - git commit -m 'Update Schemas [skip ci]' || true + git commit -S -m 'Update Schemas [skip ci]' || true git push origin "$CIRCLE_BRANCH-build" || true - run: name: Remove temporary branch if it failed during build schemas @@ -303,16 +313,6 @@ jobs: steps: - setup_remote_docker - checkout - - run: - name: Import GPG Key - command: | - echo -e "$GPG_PRIVATE_KEY" | gpg --import - echo -e "trust\n5\ny\n" | gpg --command-fd 0 --edit-key 4C19E4CC17E67B7B - - run: - name: Configure Git for Signing - command: | - git config --global user.signingkey 4C19E4CC17E67B7B - git config --global commit.gpgSign true - run: name: "Merge build branch" command: | @@ -377,13 +377,23 @@ jobs: export TEST_MNEMONIC="$decoded_value" cd framework cargo run --bin full_deploy -- --network-ids $NETWORKS + - run: + name: Import GPG Key + command: | + echo -e "$GPG_PRIVATE_KEY" | gpg --import + echo -e "trust\n5\ny\n" | gpg --command-fd 0 --edit-key 4C19E4CC17E67B7B + - run: + name: Configure Git for Signing + command: | + git config --global user.signingkey 4C19E4CC17E67B7B + git config --global commit.gpgSign true - run: name: Commit and push deploy file command: | git config --global user.name 'CircleCI' git config --global user.email 'circleci@example.com' git add framework/scripts --force - git commit -m 'Update deploy deploy file [skip ci]' + git commit -S -m 'Update deploy deploy file [skip ci]' git push origin $CIRCLE_BRANCH - run: name: Commit and push state file @@ -392,7 +402,7 @@ jobs: git config --global user.email 'circleci@example.com' cp ~/.cw-orchestrator/state.json ./framework/scripts/ git add ./framework/scripts/state.json - git commit -m 'Update deploy deploy file [skip ci]' + git commit -S -m 'Update deploy deploy file [skip ci]' git push origin $CIRCLE_BRANCH - save_cache: paths: