From ff5c73e065567d36fd250469f60754db7ae53c33 Mon Sep 17 00:00:00 2001
From: Alexandre Archambault <alexandre.archambault@gmail.com>
Date: Fri, 17 May 2024 14:47:05 +0200
Subject: [PATCH] Update secrets

---
 .github/scripts/gpg-setup.sh | 10 ++++++++++
 .github/workflows/ci.yml     | 11 +++++++----
 2 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100755 .github/scripts/gpg-setup.sh

diff --git a/.github/scripts/gpg-setup.sh b/.github/scripts/gpg-setup.sh
new file mode 100755
index 0000000..ad58f40
--- /dev/null
+++ b/.github/scripts/gpg-setup.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env sh
+
+# from https://github.com/coursier/apps/blob/f1d2bf568bf466a98569a85c3f23c5f3a8eb5360/.github/scripts/gpg-setup.sh
+
+echo $PGP_SECRET | base64 --decode | gpg --import --no-tty --batch --yes
+
+echo "allow-loopback-pinentry" >>~/.gnupg/gpg-agent.conf
+echo "pinentry-mode loopback" >>~/.gnupg/gpg.conf
+
+gpg-connect-agent reloadagent /bye
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 260e806..18ba782 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -35,10 +35,13 @@ jobs:
     - uses: coursier/setup-action@v1.3.0
       with:
         jvm: 8
+    - run: .github/scripts/gpg-setup.sh
+      env:
+        PGP_SECRET: ${{ secrets.PUBLISH_SECRET_KEY }}
     - name: Release
       run: sbtn ci-release
       env:
-        PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
-        PGP_SECRET: ${{ secrets.PGP_SECRET }}
-        SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
-        SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
+        PGP_PASSPHRASE: ${{ secrets.PUBLISH_SECRET_KEY_PASSWORD }}
+        PGP_SECRET: ${{ secrets.PUBLISH_SECRET_KEY }}
+        SONATYPE_PASSWORD: ${{ secrets.PUBLISH_PASSWORD }}
+        SONATYPE_USERNAME: ${{ secrets.PUBLISH_USER }}