Document how to generate and export GPG key for releasing packer plug…

…in (#6)
QubitPi · Mar 16, 2024 · 6f09e64 · 6f09e64
1 parent bb12d1a
commit 6f09e64
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 4 deletions.
diff --git a/.github/workflows/doc-ci-cd.yml b/.github/workflows/doc-ci-cd.yml
@@ -23,7 +23,7 @@ jobs:
         run: npm run build
         continue-on-error: true # HC closed source tutorials page, we can't get it anyway
       - name: Bundle up a GitHub Pages Deployable
-        if: github.ref == 'refs/heads/master'
+        # if: github.ref == 'refs/heads/master'
         run: |
           mkdir hashicorp-packer-docs
           cp -r website-preview/.next/server/pages/* hashicorp-packer-docs

diff --git a/website/content/docs/plugins/creation/index.mdx b/website/content/docs/plugins/creation/index.mdx
@@ -159,12 +159,28 @@ Here's what you need to create releases using GitHub Actions:
    curl -L -o .github/workflows/release.yml \
    https://raw.githubusercontent.com/hashicorp/packer-plugin-scaffolding/main/.github/workflows/release.yml
    ```
-4. Go to your repository page on GitHub and navigate to Settings > Secrets. Add
+4. [Generate GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key):
+   ```sh
+   gpg --full-generate-key
+   ```
+   Choose all default options if available
+5. Export GPG key
+   ```sh
+   $ gpg --list-secret-keys --keyid-format=long
+   /Users/hubot/.gnupg/secring.gpg
+   ------------------------------------
+   sec   4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10]
+   uid                          Hubot <hubot@example.com>
+   ssb   4096R/4BB6D45482678BE3 2016-03-10
+
+   gpg --armor --export-secret-keys 3AA5C34371567BD2
+   ```
+6. Go to your repository page on GitHub and navigate to Settings > Secrets. Add
    the following secrets:
    - `GPG_PRIVATE_KEY` - Your ASCII-armored GPG private key. You can export this with `gpg --armor --export-secret-keys [key ID or email]`.
    - `GPG_PASSPHRASE` - The passphrase for your GPG private key.
-5. Push a new valid version tag (e.g. `v1.2.3`) to test that the GitHub Actions
-   releaser is working. The tag must be a valid
+7. Push a new valid version tag (e.g. `v1.2.3`) to test that the GitHub Actions
+   releaser is working. The tag can be created using `git tag -a v1.2.3 -m "v1.2.3"` must be a valid
    [Semantic Version](https://semver.org/) preceded with a `v`. Once the tag is pushed, the github actions you just configured will automatically build release binaries that Packer can download using `packer init`. For more details on how
    to install a plugin using `packer init`, see the
    [init docs](https://developer.hashicorp.com/packer/docs/commands/init).