Use wrapper for gpg passphrase

transloadit · Jul 31, 2020 · 0ccfc2e · 0ccfc2e
1 parent a17ab16
commit 0ccfc2e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 15 deletions.
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -33,16 +33,15 @@ checksum:
   algorithm: sha256
 signs:
   - artifacts: checksum
+    cmd: "./gpg_wrapper.sh"
     args:
-      - "--batch"
       - "--local-user"
       - "{{ .Env.GPG_FINGERPRINT }}"
-      - "--passphrase"
-      - "{{ .Env.SIGN_PASS}}"
       - "--output"
       - "${signature}"
       - "--detach-sign"
       - "${artifact}"
+
 release:
   # Visit your project's GitHub Releases page to publish this release.
   draft: true

diff --git a/.travis.yml b/.travis.yml
@@ -15,25 +15,30 @@ matrix:
   allow_failures:
   - go: tip
   include:
+  - stage: Test
+    go: 1.12.x
+    env: GOFLAGS=-mod=vendor GO111MODULE=on
   - stage:
-    script:
-    - GPG_TTY=$(tty) gpg --batch --yes --local-user 79D8067B23295155 --passphrase '${SIGN_PASS}' --output a11.sig --detach-sign main.go
-  - stage:
-    script:
-    - GPG_TTY=$(tty) gpg --batch --yes --no-tty --local-user 79D8067B23295155 --passphrase ${SIGN_PASS} --output a12.sig --detach-sign main.go
+    go: 1.13.x
+    env: GOFLAGS=-mod=vendor
   - stage:
-    script:
-    - GPG_TTY=$(tty) gpg --batch --local-user 79D8067B23295155 --passphrase "${SIGN_PASS}" --output a13.sig --detach-sign main.go
+    go: tip
+    env: GOFLAGS=-mod=vendor
   - stage:
+    go: 1.13.x
+    env: GOFLAGS=-mod=vendor GOARCH=arm
     script:
-    - gpg --batch --yes --no-tty --pinentry-mode loopback --local-user 79D8067B23295155 --passphrase '${SIGN_PASS}' --output a21.sig --detach-sign main.go
+      - make build
   - stage:
+    go: 1.13.x
+    env: GOFLAGS=-mod=vendor GOARCH=amd64
     script:
-    - gpg --batch --yes --local-user 79D8067B23295155 --passphrase ${SIGN_PASS} --output a22.sig --detach-sign main.go
+      - make build
   - stage:
+    go: 1.13.x
+    env: GOFLAGS=-mod=vendor GOOS=windows
     script:
-    - env |cut -f 1 -d "="|sort
-    - sh ./gpg_wrapper.sh --batch --yes --no-tty --pinentry-mode loopback --passphrase-fd 0  --local-user 79D8067B23295155 --output a23.sig --detach-sign main.go
+      - make build
   - stage: Deploy
     go: 1.13.x
     script: skip

diff --git a/gpg_wrapper.sh b/gpg_wrapper.sh
@@ -1,3 +1,3 @@
 #!/bin/sh
 export GPG_TTY=$(tty)
-echo $SIGN_PASS|gpg $@
+echo $SIGN_PASS|gpg --batch --no-tty --pinentry-mode loopback --passphrase-fd 0 $@