Sign produced artifacts directly with gpg WIP

michaelklishin · michaelklishin · commit 7fff637d44c9 · 2024-11-12T01:14:52.000-05:00
diff --git a/.github/workflows/reusable-release-workflow.yml b/.github/workflows/reusable-release-workflow.yml
@@ -235,8 +235,8 @@ jobs:
           for file in PACKAGES; do
             if test -f "$file"; then
               gpg --default-key "${{ env.GPG_SIGNING_KEY_ID }}" --detach-sign --armor "$file"
-            end
-          end
+            fi
+          done
           ls -lha PACKAGES/
       - name: Build Debian package without GPG signing
         if: inputs.gpg_sign_release == false
@@ -331,8 +331,8 @@ jobs:
           for file in PACKAGES; do
             if test -f "$file"; then
               gpg --default-key "${{ env.GPG_SIGNING_KEY_ID }}" --detach-sign --armor "$file"
-            end
-          end
+            fi
+          done
           ls -lha PACKAGES/
       - name: Build RPM package without GPG signing
         if: inputs.gpg_sign_release == false
@@ -443,6 +443,12 @@ jobs:
                                 PRODUCT_VERSION=${{ env.WINDOWS_INSTALLER_VERSION }}
           cd ..
           ls -lha PACKAGES/
+          for file in PACKAGES; do
+            if test -f "$file"; then
+              gpg --default-key "${{ env.GPG_SIGNING_KEY_ID }}" --detach-sign --armor "$file"
+            fi
+          done
+          ls -lha PACKAGES/
       - name: Remove signing artifacts
         run: |
           rm -f ${{ env.WORKAROUND_TEMP_DIR }}/code_signing.cert
