Merge pull request #88 from Nautilus-Cyberneering/issue-86-fix-publishing-depedency-error

Fix Git and GPG credentials being injected in the publishing workflows

Author: josecelano

.github/workflows/publish-docker-image.yml

@@ -4,7 +4,6 @@ on:
   push:
     tags:
       - "*.*.*"
-  workflow_dispatch:
 
 jobs:
   build:
@@ -17,6 +16,16 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v2
 
+      - name: Import GPG key used for testing
+        id: import-gpg
+        uses: crazy-max/ghaction-import-gpg@v4
+        with:
+          gpg_private_key: ${{ secrets.TEST_GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.TEST_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+          git_config_global: true
+
       - name: Setup Python
         uses: actions/setup-python@v2.3.1
         with:
@@ -71,3 +80,11 @@ jobs:
           images: |
             nautiluscyberneering/librarian
             ghcr.io/${{ github.repository }}
+
+      - name: Build and push Docker images
+        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/publish-github-release.yml

@@ -4,7 +4,6 @@ on:
   push:
     tags:
       - "*.*.*"
-  workflow_dispatch:
 
 jobs:
   build:
@@ -16,6 +15,16 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v2
 
+      - name: Import GPG key used for testing
+        id: import-gpg
+        uses: crazy-max/ghaction-import-gpg@v4
+        with:
+          gpg_private_key: ${{ secrets.TEST_GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.TEST_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+          git_config_global: true
+
       - name: Setup Python
         uses: actions/setup-python@v2.3.1
         with:
@@ -58,3 +67,11 @@ jobs:
         run: |
           [[ "$(poetry version --short)" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]] \
             || echo ::set-output name=prerelease::true
+
+      - name: Create Release
+        uses: ncipollo/release-action@v1
+        with:
+          artifacts: "dist/*"
+          token: ${{ secrets.GITHUB_TOKEN }}
+          draft: false
+          prerelease: steps.check-version.outputs.prerelease == 'true'

.github/workflows/publish-pypi-package.yml

@@ -4,7 +4,6 @@ on:
   push:
     tags:
       - "*.*.*"
-  workflow_dispatch:
 
 jobs:
   build:
@@ -14,6 +13,16 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v2
 
+      - name: Import GPG key used for testing
+        id: import-gpg
+        uses: crazy-max/ghaction-import-gpg@v4
+        with:
+          gpg_private_key: ${{ secrets.TEST_GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.TEST_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+          git_config_global: true
+
       - name: Setup Python
         uses: actions/setup-python@v2.3.1
         with:
@@ -50,3 +59,8 @@ jobs:
 
       - name: Build Python package
         run: poetry build
+
+      - name: Publish to PyPI
+        env:
+          POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_API_TOKEN }}
+        run: poetry publish