github.com/goreleaser/goreleaser@v1.25.1/internal/pipe/sign/testdata/README.md (about)

     1  # Creating test keys for GnuPG
     2  
     3  The unit tests needs a test key to work with. I have tried to create a test keyring
     4  on the fly and while that worked I was not able to successfully sign with that.
     5  gpg would bail with an ioctl error which I didn't track down since using a static
     6  key works.
     7  
     8  This uses the `--homedir .` option to create the test keys so that we do not touch
     9  the local keyring file.
    10  
    11  ## 1.  Create signing keys
    12  
    13  ```sh
    14  cd $GOPATH/src/github.com/goreleaser/goreleaser/internal/pipeline/sign/testdata/gnupg
    15  gpg --homedir . --quick-generate-key --batch --passphrase '' nopass default default 10y
    16  ```
    17  
    18  ## 2. Check that the key exists
    19  
    20  ```sh
    21  gpg --homedir . --list-keys
    22  pub rsa2048 2017-12-13 [SC][expires: 2027-12-11]
    23  FB6BEDFCECE1761EDD68BF32EF2D274B0EDAAE12
    24  uid [ultimate] nopass
    25  sub rsa2048 2017-12-13 [E]
    26  ```
    27  
    28  ## 3. Check that signing works
    29  
    30  ### 3.1 create a test file
    31  
    32  ```sh
    33  echo "bar" > foo
    34  ```
    35  
    36  ### 3.2. sign and verfiy
    37  
    38  ```sh
    39  gpg --homedir . --detach-sign foo
    40  gpg --homedir . --verify foo.sig foo
    41  
    42  gpg: Signature made Wed Dec 13 22:02:49 2017 CET
    43  gpg: using RSA key FB6BEDFCECE1761EDD68BF32EF2D274B0EDAAE12
    44  gpg: Good signature from "nopass" [ultimate]
    45  ```
    46  
    47  ### 3.3. cleanup
    48  
    49  ```sh
    50  rm foo foo.sig
    51  ```
    52  
    53  ## 4. Make sure you have keyrings for both gpg1 and gpg2
    54  
    55  travis-ci.org runs on an old Ubuntu installation which
    56  has gpg 1.4 installed. We need to provide keyrings that
    57  have the same keys and users for both formats.
    58  
    59  This demonstrates the conversion from gpg2 to gpg1
    60  format but should work the same the other way around.
    61  
    62  ### 4.1. get gpg version
    63  
    64  ```sh
    65  gpg --version
    66  gpg (GnuPG) 2.2.3
    67  ```
    68  
    69  ### 4.2. install gpg1
    70  
    71  ```sh
    72  brew install gpg1
    73  # brew install gpg2 # if you have gpg1 installed
    74  ```
    75  
    76  ### 4.3. migrate the keys from gpg2 to gpg1
    77  
    78  ```sh
    79  gpg --homedir . --export nopass | gpg1 --homedir . --import
    80  gpg --homedir . --export-secret-key nopass | gpg1 --homedir . --import
    81  ```
    82  
    83  ### 4.4. check keys are the same
    84  
    85  ```sh
    86  gpg --homedir . --list-keys --keyid-format LONG
    87  gpg1 --homedir . --list-keys --keyid-format LONG
    88  
    89  gpg --homedir . --list-secret-keys --keyid-format LONG
    90  gpg1 --homedir . --list-secret-keys --keyid-format LONG
    91  ```