From 35e5757bf25d98d4df8a0e30ba806bd421333325 Mon Sep 17 00:00:00 2001
From: Muse Mulatu <48902323+muse-sisay@users.noreply.github.com>
Date: Tue, 4 Feb 2025 10:28:24 -0700
Subject: [PATCH] feat: sign commits

---
 .github/workflows/release-package.yml  | 10 ++++++----
 .github/workflows/update-changelog.yml |  8 +++++---
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/release-package.yml b/.github/workflows/release-package.yml
index 18a586f..c5686b8 100644
--- a/.github/workflows/release-package.yml
+++ b/.github/workflows/release-package.yml
@@ -37,16 +37,18 @@ jobs:
 
       - name: Checkout, bun, commit and push version change
         run: |
-          git config user.name "konstruct-bot"
+          echo "KBOT_PRIVATE_KEY" > /signingkey
+          git config user.name "konstruct-bot"]
           git config user.email "konstruct-bot@konstruct.io"
-          git fetch origin main
-          git checkout main
+          git config user.signingkey /signingkey
           npm version ${RELEASE_VERSION} --no-commit-hooks --no-git-tag-version
           git add package.json package-lock.json
-          git commit -m "🔖 release: bump version to ${RELEASE_VERSION}" --allow-empty --no-verify
+          git commit -S -m "🔖 release: bump version to ${RELEASE_VERSION}" --allow-empty --no-verify
+          git log --show-signature -1
           git push origin main
         env:
           GITHUB_TOKEN: ${{ secrets.KBOT_TOKEN }}
+          KBOT_PRIVATE_KEY: ${{ secrets.KBOT_PRIVATE_KEY }}
 
       - name: Authenticate with GitHub Packages
         run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.KBOT_TOKEN }}" > ~/.npmrc
diff --git a/.github/workflows/update-changelog.yml b/.github/workflows/update-changelog.yml
index c0a19a2..f34580c 100644
--- a/.github/workflows/update-changelog.yml
+++ b/.github/workflows/update-changelog.yml
@@ -40,12 +40,14 @@ jobs:
 
       - name: Commit and Push Changes
         run: |
+          echo "KBOT_PRIVATE_KEY" > /signingkey
           git config user.name "konstruct-bot"
           git config user.email "konstruct-bot@konstruct.io"
-          git fetch origin main
-          git checkout main
+          git config user.signingkey /signingkey
           git add CHANGELOG.md
-          git commit -m "🚀 chore: update changelog for the version ${RELEASE_VERSION}" --no-verify
+          git commit -S -m "🚀 chore: update changelog for the version ${RELEASE_VERSION}" --no-verify
+          git log --show-signature -1
           git push origin main
         env:
           GITHUB_TOKEN: ${{ secrets.KBOT_TOKEN }}
+          KBOT_PRIVATE_KEY: ${{ secrets.KBOT_PRIVATE_KEY }}