about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-12-03 08:38:47 -0800
committerFranck Cuny <franck@fcuny.net>2023-12-03 08:38:47 -0800
commit4695263698294b94ebb0c78ea0a5145cd296e852 (patch)
tree50e58c728f3f4d38a21ac6bea9c0a55a7ebe5d0b
parentsign the commit when updating flake.lock (diff)
downloadfcuny.net-4695263698294b94ebb0c78ea0a5145cd296e852.tar.gz
use webfactory/ssh-agent to sign commits
-rw-r--r--.github/workflows/update.yml8
1 files changed, 5 insertions, 3 deletions
diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
index 471f2c9..b6ba6a7 100644
--- a/.github/workflows/update.yml
+++ b/.github/workflows/update.yml
@@ -17,9 +17,11 @@ jobs:
         with:
           extra_nix_config: |
             access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-      # sign the commit:
-      # https://www.chainguard.dev/unchained/keyless-git-commit-signing-with-gitsign-and-github-actions
-      - uses: chainguard-dev/actions/setup-gitsign@main
+      # sign commits with a ssh key
+      # https://github.com/webfactory/ssh-agent
+      - uses: webfactory/ssh-agent@v0.8.0
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
       - name: Update flake.lock
         id: update-flake-lock
         uses: DeterminateSystems/update-flake-lock@v20