Release - Create checksums and GPG sign #8

Summary
Jobs
- publish
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/release-check-sign.yml at efb190f

	name: Release - Create checksums and GPG sign

	on:
	workflow_dispatch:
	inputs:
	release_tag:
	# TODO: make this mandatory and validate that it is in a release* branch and looks like
	# 'release-\d+.\d+ or something like that.
	# For now we don't do it so that we can test.
	description: 'Git tag at which to sync for deploy and release'
	type: string

	jobs:
	publish:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write

	steps:

	- name: Set up JDK
	uses: actions/setup-java@v4
	with:
	java-version: '11'
	distribution: 'temurin'
	gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
	gpg-passphrase: MAVEN_GPG_PASSPHRASE

	- name: Do we have gpg?
	run: \|
	gpg -k
	gpg -K

	- name: Get all release files
	run: \|
	# gh release download ${{ inputs.release_tag }} -p ".zip" -p ".tgz" -p "*.jar" --repo=${{ github.repository }}
	gh release download release-74-2 -p ".zip" -p ".tgz" -p "*.jar" --repo=unicode-org/icu
	ls -al
	env:
	GH_TOKEN: ${{ github.token }}

	- name: Checksums and sign
	run: \|
	sha512sum -b icu4c* > SHASUM512.txt
	sha512sum -b *.jar > icu4j-75.1.md5
	sha512sum -b icu4c-75_1-data-bin-*.zip > icu4c-75_1-binary.md5
	sha512sum -b icu4c-75_1-src.* > icu4c-75_1-sources.md5
	find . -type f -name 'icu4c*' -exec gpg --pinentry-mode loopback --passphrase=$MAVEN_GPG_PASSPHRASE --output {}.asc --detach-sig {} \;
	gpg --pinentry-mode loopback --passphrase=$MAVEN_GPG_PASSPHRASE --output SHASUM512.txt.asc --detach-sig SHASUM512.txt
	env:
	MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}

	- name: Upload all release files
	run: \|
	echo Upload everything

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release - Create checksums and GPG sign #8

Workflow file

Release - Create checksums and GPG sign #8

Jobs

Run details

Workflow file for this run