From 2e769695b06d5a7068f88b18a1f805a52a5113d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ma=C3=ABl=20Nison?= Date: Fri, 24 May 2024 23:33:18 +0200 Subject: [PATCH] Update signing.yml --- .github/workflows/signing.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/signing.yml b/.github/workflows/signing.yml index b43f3d0c2c..84a2676a8f 100644 --- a/.github/workflows/signing.yml +++ b/.github/workflows/signing.yml @@ -23,10 +23,16 @@ jobs: passphrase: ${{ secrets.GPG_PASSPHRASE }} - name: Downloading the release - run: wget https://github.com/yarnpkg/yarn/releases/download/v${{ inputs.version }}/yarn-v${{ inputs.version }}.tar.gz + run: | + wget https://github.com/yarnpkg/yarn/releases/download/v${{ inputs.version }}/yarn-v${{ inputs.version }}.tar.gz + wget https://github.com/yarnpkg/yarn/releases/download/v${{ inputs.version }}/yarn-${{ inputs.version }}.js + wget https://github.com/yarnpkg/yarn/releases/download/v${{ inputs.version }}/yarn-legacy-${{ inputs.version }}.js - name: GPG sign file - run: gpg -u ${{ vars.GPG_RELEASE_KEY_ID }} --armor --output yarn-v${{ inputs.version }}.tar.gz.asc --detach-sign yarn-v${{ inputs.version }}.tar.gz + run: | + gpg -u ${{ vars.GPG_RELEASE_KEY_ID }} --armor --output yarn-v${{ inputs.version }}.tar.gz.asc --detach-sign yarn-v${{ inputs.version }}.tar.gz + gpg -u ${{ vars.GPG_RELEASE_KEY_ID }} --armor --output yarn-${{ inputs.version }}.js.asc --detach-sign yarn-${{ inputs.version }}.js + gpg -u ${{ vars.GPG_RELEASE_KEY_ID }} --armor --output yarn-legacy-${{ inputs.version }}.js.asc --detach-sign yarn-legacy-${{ inputs.version }}.js - name: Store signature as artifact uses: actions/upload-artifact@v3 @@ -35,3 +41,7 @@ jobs: path: | yarn-v${{ inputs.version }}.tar.gz yarn-v${{ inputs.version }}.tar.gz.asc + yarn-v${{ inputs.version }}.js + yarn-v${{ inputs.version }}.js.asc + yarn-legacy-${{ inputs.version }}.js + yarn-legacy-${{ inputs.version }}.js.asc