From ebd788e44ccd1343bccf6c89368a9dcdb03d50cb Mon Sep 17 00:00:00 2001
From: Piotr Icikowski <piotrekicikowski@gmail.com>
Date: Mon, 30 Dec 2024 19:13:57 +0100
Subject: [PATCH] ci(release): add GPG signing for release pipeline

---
 .woodpecker/.release.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/.woodpecker/.release.yml b/.woodpecker/.release.yml
index 28485c0..32670b2 100644
--- a/.woodpecker/.release.yml
+++ b/.woodpecker/.release.yml
@@ -10,6 +10,21 @@ steps:
         from_secret: gitea_token
       GIT_CREDENTIALS:
         from_secret: git_credentials
+      WOODPECKER_GPG:
+        from_secret: woodpecker_gpg
+      WOODPECKER_OWNERTRUST:
+        from_secret: woodpecker_ownertrust
+      GIT_AUTHOR_NAME: "semantic-release"
+      GIT_AUTHOR_EMAIL: "ci@icikowski.pl"
+      GIT_COMMITTER_NAME: "Woodpecker CI"
+      GIT_COMMITTER_EMAIL: "ci@icikowski.pl"
     commands:
+      - echo $WOODPECKER_GPG | base64 -d > /tmp/woodpecker.gpg
+      - echo $WOODPECKER_OWNERTRUST > /tmp/woodpecker-ownertrust.txt
+      - gpg -q --import /tmp/woodpecker.gpg
+      - gpg --import-ownertrust /tmp/woodpecker-ownertrust.txt
+      - git config --global user.signingkey BE8610DF8C393C56F3428A4D3E8CD051908CB569
+      - git config --global commit.gpgsign true
+      - git config --global tag.forceSignAnnotated true
       - npm i
       - npm run release