Update '.gitea/workflows/hello_world.yaml'

2023-03-28 04:14:40 +00:00 · 2023-03-28 04:14:40 +00:00 · 15cc3762b7
commit 15cc3762b7
parent 86df81f51d
1 changed files with 5 additions and 31 deletions
--- a/.gitea/workflows/hello_world.yaml
+++ b/.gitea/workflows/hello_world.yaml
@ -4,8 +4,6 @@ on: [push]
 jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
-    env:
-        PIN: ${{ secrets.HSM_USER_PIN }}
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
@ -21,6 +19,11 @@ jobs:
      - run: echo docker run --rm -it -v /run/pcscd/pcscd.comm:/run/pcscd/pcscd.comm:ro -v "${{ github.workspace }}":/home/user git.lerch.org/lobo/pkcs11:1 -s --id 3 -m SHA256-RSA-PKCS -i foo -o foo.sig --pin env:PIN
      - run: echo "🍏 This job's status is ${{ job.status }}."
      - run: true
+      - name: Sign
+        uses: https://git.lerch.org/lobo/action-hsm-sign@d6ca833927ebc8efc0ed36b9c64aeab00c4e7f32
+        with:
+          pin: ${{ secrets.HSM_USER_PIN }}
+          files: .gitea/**
      - name: Notify
        uses: https://git.lerch.org/lobo/action-notify-ntfy@v1
        if: always()
@ -29,32 +32,3 @@ jobs:
          topic: ${{ secrets.NTFY_TOPIC }}
          user: ${{ secrets.NTFY_USER }}
          password: ${{ secrets.NTFY_PASSWORD }}
-        
-  # Sign-Something:
-  #   runs-on: ubuntu-latest
-  #   needs: Explore-GitHub-Actions
-  #   container:
-  #     image: git.lerch.org/lobo/pkcs11:1
-  #     env:
-  #       PIN: ${{ secrets.HSM_USER_PIN }}
-  #     volumes:
-  #       /run/pcscd/pcscd.comm:/run/pcscd/pcscd.comm
-  #   steps:
-  #     - run: -s --id 3 -m SHA256-RSA-PKCS --pin env:PIN -i foo -o foo.sig
-      # - name: Success Notification
-      #   if: success()
-      #   run: |
-      #          curl -u '${{ secrets.NTFY_USER }}:${{ secrets.NTFY_PASSWORD }}' \
-      #          -H 'Title: Job Succeeded. ${{ github.repository }}/${{ github.ref }}' \
-      #          -H "Tags: +1" \
-      #          -d 'Job succeeded. See '$GITHUB_SERVER_URL'/${{ github.repository }}/actions/runs/${{ github.run_number }} for details' \
-      #          '${{ secrets.NTFY_HOST }}${{ secrets.NTFY_TOPIC }}'
-      # - name: Failure Notification
-      #   if: failure()
-      #   run: |
-      #          curl -u '${{ secrets.NTFY_USER }}:${{ secrets.NTFY_PASSWORD }}' \
-      #          -H "Priority: high" \
-      #          -H 'Title: Job FAILED. ${{ github.repository }}/${{ github.ref }}' \
-      #          -H "Tags: warning" \
-      #          -d 'Job failed. See '$GITHUB_SERVER_URL'/${{ github.repository }}/actions/runs/${{ github.run_number }} for details' \
-      #          '${{ secrets.NTFY_HOST }}${{ secrets.NTFY_TOPIC }}'