docs: Improved verbosity in GPG secrets configuration #3464
Conversation
README.md
Outdated
| 5. Add the following GitHub secrets | ||
| 1. [GPG_PRIVATE_KEY](.github/workflows/release.yml#L52): this is the [armored version of your GPG key](https://github.com/crazy-max/ghaction-import-gpg?tab=readme-ov-file#prerequisites) (`gpg --armor --export-secret-key [email protected]`) | ||
| 2. [GPG_PASSPHRASE](.github/workflows/release.yml#L53): this is the passphrase you choosed while creating your GPG key | ||
| 3. [GPG_FINGERPRINT](.github/workflows/release.yml#L54) (optional): this is the fingerprint of the GPG subkey (`gpg --list-secret-keys --keyid-format LONG --with-subkey-fingerprint [email protected]`) |
There was a problem hiding this comment.
| 5. Add the following GitHub secrets | |
| 1. [GPG_PRIVATE_KEY](.github/workflows/release.yml#L52): this is the [armored version of your GPG key](https://github.com/crazy-max/ghaction-import-gpg?tab=readme-ov-file#prerequisites) (`gpg --armor --export-secret-key [email protected]`) | |
| 2. [GPG_PASSPHRASE](.github/workflows/release.yml#L53): this is the passphrase you choosed while creating your GPG key | |
| 3. [GPG_FINGERPRINT](.github/workflows/release.yml#L54) (optional): this is the fingerprint of the GPG subkey (`gpg --list-secret-keys --keyid-format LONG --with-subkey-fingerprint [email protected]`) | |
| 5. Add the following GitHub secrets according to the requirements of the action [ghaction-import-gpg]([https://github.com/crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg): | |
| 1. [GPG_PRIVATE_KEY](.github/workflows/release.yml#L52) | |
| 2. [GPG_PASSPHRASE](.github/workflows/release.yml#L53) | |
| 3. [GPG_FINGERPRINT](.github/workflows/release.yml#L54) |
There was a problem hiding this comment.
Personally I like more adding the commands directly, rather than linking a resource that don't even contain all the required info (or it does but not explicitly).
There was a problem hiding this comment.
A reference avoids a copy of already existing mutable information in its full fledged and always up to date and contextual form.
There was a problem hiding this comment.
The linked document is only helpful for setting up GPG_PRIVATE_KEY, it doesn't contain anything related to GPG_FINGERPRINT (unless I'm not seeing something). The fingerprint is actually not a secret there, which could introduce confusion.
There was a problem hiding this comment.
Also, GPG_FINGERPRINT should be a variable (since there is no need to hide it), not a secret. This should be clarified
There was a problem hiding this comment.
Yes, the fingerprint should be a variable. The template and our repo should be adjusted for that
There was a problem hiding this comment.
In this repo the workflow already expects a variable, it's just not explained anywhere in the correct doc.
There was a problem hiding this comment.
Please adjust the suggested change in the PR then. Because right now it lists the fingerprint under "Add the following GitHub secrets"
No description provided.