From 831f16cff6d41af6ea753160345533f8309384dd Mon Sep 17 00:00:00 2001 From: David Geirola Date: Wed, 9 Aug 2023 11:41:47 +0200 Subject: [PATCH] Drop keys guite and steward --- .github/workflows/scala-steward.yml | 147 ------------------ .github/workflows/setup-release_keys_guide.md | 84 ---------- 2 files changed, 231 deletions(-) delete mode 100644 .github/workflows/scala-steward.yml delete mode 100644 .github/workflows/setup-release_keys_guide.md diff --git a/.github/workflows/scala-steward.yml b/.github/workflows/scala-steward.yml deleted file mode 100644 index 309569a..0000000 --- a/.github/workflows/scala-steward.yml +++ /dev/null @@ -1,147 +0,0 @@ -on: - schedule: - - cron: '0 0 * * 0' - -name: Scala Steward - -jobs: - scala-steward: - runs-on: ubuntu-22.04 - name: Launch Scala Steward - steps: - - name: Launch Scala Steward - uses: scala-steward-org/scala-steward-action@v2 - with: - github-app-id: ${{ secrets.STEWARD_APP_ID }} - github-app-installation-id: ${{ secrets.STEWARD_APP_INSTALLATION_ID }} - github-app-key: ${{ secrets.STEWARD_APP_PRIVATE_KEY }} - - # # Artifact migrations for newer versions of artifacts with - # # different group Ids, artifact ids, or both different. - # # - # # Expects the path to HOCON file with migration/s. - # # - # # See https://github.com/scala-steward-org/scala-steward/blob/main/docs/artifact-migrations.md - # artifact-migrations: '' - # - # # Author email address to use in commits. If set it will - # # override any email retrieved from GitHub. - # author-email: '' - - # Author name to use in commits. If set it will override - # any name retrieved from GitHub. - author-name: 'scala-steward' -# -# # A comma-separated list of branches to update (if not -# # provided, the repository's default branch will be -# # updated instead). -# # -# # This option only has effect if updating the current -# # repository or using the `github-repository` input. -# branches: '' -# -# # TTL of cache for fetching dependency versions and -# # metadata, set it to 0s to disable it. -# # -# # Default: 2hours -# cache-ttl: '' -# -# # Url to download the coursier linux CLI from. -# # -# # Default: https://github.com/coursier/launchers/raw/master/cs-x86_64-pc-linux.gz -# coursier-cli-url: '' -# -# # The URL of the GitHub API, only use this input if -# # you are using GitHub Enterprise. -# # -# # Default: https://api.github.com -# github-api-url: '' -# -# # If set to `true` the GitHub App information will -# # only be used for authentication. -# # -# # Repositories to update will be read from either -# # the `repos-file` or the `github-repository` inputs. -# # -# # Default: false -# github-app-auth-only: '' -# -# # Repository to update. Will be ignored if either -# # `repos-file` is provided or the `github-app-*` -# # inputs are and `github-app-auth-only` is not `true`. -# # -# # Default: ${{ github.repository }} -# github-repository: '' -# -# # GitHub Personal Access Token with permission to create -# # branches on repo. -# # -# # If `github-app-*` inputs are provided an App's -# # installation token will be used instead of this one. -# # -# # Default: ${{ github.token }} -# github-token: '' -# -# # Whether to ignore "opts" files (such as `.jvmopts` -# # or `.sbtopts`) when found on repositories or not. -# # -# # Default: true -# ignore-opts-files: '' -# -# # Mill version to install. Take into account this will -# # just affect the global `mill` executable. Scala -# # Steward will still respect the version specified in -# # your repository while updating it. -# # -# # Default: 0.10.9 -# mill-version: '' -# -# # Other Scala Steward arguments not yet supported by -# # this action as a separate argument. -# other-args: '' -# -# # Location of a `.scala-steward.conf` file with default -# # values. -# # -# # If the provided file is missing the action will fail. -# # -# # Default: .github/.scala-steward.conf -# repo-config: '' -# -# # Path to a file containing the list of repositories -# # to update in markdown format: -# # -# # - owner/repo1 -# # - owner/repo2 -# # -# # This input will be ignored if the `github-app-*` -# # inputs are provided and `github-app-auth-only` is -# # not `true`. -# repos-file: '' -# -# # Scala Steward version to use. If not provided it -# # will use the last one published. -# scala-steward-version: '' -# -# # Scalafix rules for version updates to run after -# # certain updates. -# # -# # Expects the path to HOCON file with migration/s. -# # -# # See https://github.com/scala-steward-org/scala-steward/blob/main/docs/scalafix-migrations.md -# scalafix-migrations: '' -# -# # Whether to sign commits or not. -# # -# # Default: false -# sign-commits: '' -# -# # Key ID of GPG key to use for signing commits. See the -# # "Signing commits with GPG" section to learn how to -# # prepare the environment and fill this input. -# signing-key: '' -# -# # Timeout for external process invocations. -# # -# # Default: 20min -# timeout: '' diff --git a/.github/workflows/setup-release_keys_guide.md b/.github/workflows/setup-release_keys_guide.md deleted file mode 100644 index 429b466..0000000 --- a/.github/workflows/setup-release_keys_guide.md +++ /dev/null @@ -1,84 +0,0 @@ -# How to setup release keys -Full guide here: [sbt-ci-release](https://github.com/olafurpg/sbt-ci-release) - -### 1. Gen Key Pair -``` -gpg --gen-key -``` -**data** -- name: `$PRJ_NAME-release-bot` -- email: use your own email address -- For passphrase, generate a random password with a password manager - -**Result** -``` -pub rsa2048 2018-06-10 [SC] [expires: 2020-06-09] - $LONG_ID -uid $PRJ_NAME-release-bot bot <$EMAIL> -``` - -### 2. Set PRJ_NAME and LONG_ID - -**example** -``` -//On UNIX -PRJ_NAME=example-release-bot -LONG_ID=6E8ED79B03AD527F1B281169D28FC818985732D9 - -//On Windows -set PRJ_NAME=example-release-bot -set LONG_ID=6E8ED79B03AD527F1B281169D28FC818985732D9 -``` - -### 3. Export public key -**clipboard** -``` -# macOS -gpg --armor --export $LONG_ID | pbcopy -# linux -gpg --armor --export $LONG_ID | xclip -# Windows -gpg --armor --export %LONG_ID% -``` - -**file** -``` -# macOS -gpg --armor --export $LONG_ID > $PRJ_NAME-release-bot-public.gpg -# linux -gpg --armor --export $LONG_ID > $PRJ_NAME-release-bot-public.gpg -# Windows -gpg --armor --export %LONG_ID% > %PRJ_NAME%-release-bot-public.gpg -``` - -### 4. Export private key in base64 -**clipboard** -``` -# macOS -gpg --armor --export-secret-keys $LONG_ID | base64 | pbcopy -# Ubuntu (assuming GNU base64) -gpg --armor --export-secret-keys $LONG_ID | base64 -w0 | xclip -# Windows -gpg --armor --export-secret-keys %LONG_ID% | openssl base64 -``` - -**file** -``` -# macOS -gpg --armor --export-secret-keys $LONG_ID | base64 > $PRJ_NAME-release-bot-private.gpg -# Ubuntu (assuming GNU base64) -gpg --armor --export-secret-keys $LONG_ID | base64 -w0 > $PRJ_NAME-release-bot-private.gpg -# Windows -gpg --armor --export-secret-keys %LONG_ID% | openssl base64 > %PRJ_NAME%-release-bot-private.gpg -``` - -### 5. Public the public key to keyserver -Copy the **PUBLIC KEY** and publish it in a public keyserver - -Like this one: -[https://keyserver.ubuntu.com/](https://keyserver.ubuntu.com/) - -### 6. Put the private key in Github secrets -- Copy the **PRIVATE KEY** in _Base64_ -- Create a secret in github named `PGP_SECRET` and store the base64 *PRIVATE KEY* -- Create a secret in github named `PGP_PASSPHRASE` and store the base64 *PRIVATE KEY* passphrase \ No newline at end of file