Merge pull request #1 from blink1073/sign-multiple-files

Allow signing multiple files

Author: blink1073

README.md

@@ -31,6 +31,7 @@ Use this action to create signed git artifacts:
     garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }}
     artifactory_username: ${{ secrets.ARTIFACTORY_USER }}
     artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }}
+    skip_setup: true
 ```
 
 If the action is used multiple times within the same job, the `skip_setup`
@@ -39,11 +40,12 @@ option can be set to a truthy value to avoid unnecessary logins to artifactory.
 ### gpg-sign
 
 This action is used to create detached signatures for files:
+
 ```markdown
 - name: "Create detached signature"
   uses: mongodb/drivers-github-tools/garasign/gpg-sign@main
   with:
-    filename: somefile.ext
+    filenames: somefile.ext
     garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }}
     garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }}
     artifactory_username: ${{ secrets.ARTIFACTORY_USER }}
@@ -55,6 +57,19 @@ directory.
 If the action is used multiple times within the same job, the `skip_setup`
 option can be set to a truthy value to avoid unnecessary logins to artifactory.
 
+You can also supply multiple space-separated filenames to sign a list of files:
+
+```markdown
+- name: "Create detached signature"
+  uses: mongodb/drivers-github-tools/garasign/gpg-sign@main
+  with:
+    filenames: somefile.ext someotherfile.txt
+    garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }}
+    garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }}
+    artifactory_username: ${{ secrets.ARTIFACTORY_USER }}
+    artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }}
+```
+
 ### setup
 
 The setup action is used by `git-sign` and `gpg-sign` to create an env file and

garasign/gpg-sign/action.yml

@@ -1,8 +1,8 @@
 name: "Sign artifact using garasign"
 description: "Signs a release artifact"
 inputs:
-  filename:
-    description: "File name to sign"
+  filenames:
+    description: "File names to sign, space separated"
     required: true
   garasign_username:
     description: "Garasign username"
@@ -39,13 +39,17 @@ runs:
         artifactory_password: ${{ inputs.artifactory_password }}
         artifactory_registry: ${{ inputs.artifactory_registry }}
 
-    - name: "Create detached signature"
+    - name: "Create detached signature for filename"
       run: |
-        podman run \
-          --env-file=envfile \
-          --rm \
-          -v $(pwd):$(pwd) \
-          -w $(pwd) \
-          ${{ inputs.artifactory_registry }}/${{ inputs.artifactory_image }} \
-          /bin/bash -c "gpgloader && gpg --detach-sign --armor --output ${{ inputs.filename }}.sig ${{ inputs.filename }}"
-      shell: bash
+        export filenames="${{ inputs.filenames }}"
+        for filename in "${filenames[@]}"
+        do
+          podman run \
+            --env-file=envfile \
+            --rm \
+            -v $(pwd):$(pwd) \
+            -w $(pwd) \
+            ${{ inputs.artifactory_registry }}/${{ inputs.artifactory_image }} \
+            /bin/bash -c "gpgloader && gpg --detach-sign --armor --output ${{ inputs.filename }}.sig ${{ inputs.filename }}"
+        done
+      shell: bash