GPG Sign

by drone-plugins

This plugin can sign your artifacts and build results with GnuPG. The below pipeline configuration demonstrates simple usage:

pipeline:
  gpgsign:
    image: plugins/gpgsign
    key: your-base64-encoded-private-key
    passphrase: p455w0rd
    files:
      - dist/*

Exclude specific patterns:

pipeline:
  gpgsign:
    image: plugins/gpgsign
    key: your-base64-encoded-private-key
    passphrase: p455w0rd
    files:
      - dist/*
+   excludes:
+     - dist/*.sha256

Generate detach-sign signature:

pipeline:
  gpgsign:
    image: plugins/gpgsign
    key: your-base64-encoded-private-key
    passphrase: p455w0rd
    files:
      - dist/*
+   detach_sign: true

Generate clear-sign signature:

pipeline:
  gpgsign:
    image: plugins/gpgsign
    key: your-base64-encoded-private-key
    passphrase: p455w0rd
    files:
      - dist/*
+   clear_sign: true

Example configuration using secrets:

pipeline:
  gpgsign:
    image: plugins/gpgsign
-   key: your-base64-encoded-private-key
-   passphrase: p455w0rd
+   secrets: [ gpgsign_key, gpgsign_passphrase ]
    files:
      - dist/*

Secret Reference

gpgsign_key, gpg_key
Private GnuPG key, optionally base64 encoded
gpgsign_passphrase, gpg_passphrase
Passphrase to unlock private key

Parameter Reference

key
Private GnuPG key, optionally base64 encoded
passphrase
Passphrase to unlock private key
detach_sign
Generate a detach-sign signature
clear_sign
Generate a clear-sign signature
files, file
List of globs to match files
excludes, exclude
List of patterns to exclude files

这个网页有没有错误? 请让我们知道 或编辑 这个页面