import gpg key in snapshotter

Author: taigrr

.github/workflows/release.yml

@@ -10,6 +10,7 @@ permissions:
 
 jobs:
   goreleaser:
+    environment: goreleaser
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -23,6 +24,7 @@ jobs:
           go-version: stable
 
       - name: Import GPG key
+        id: import_gpg
         uses: crazy-max/ghaction-import-gpg@v6
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
@@ -57,4 +59,4 @@ jobs:
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
           AUR_KEY: ${{ secrets.AUR_KEY }}
-          GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}

.github/workflows/snapshot.yml

@@ -8,6 +8,7 @@ on:
 
 jobs:
   snapshot:
+    environment: goreleaser
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -19,12 +20,20 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version: stable
-          
+      
+      - name: Import GPG key
+        id: import_gpg
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}    
+      
       - name: Test GoReleaser
         uses: goreleaser/goreleaser-action@v6
         with:
           distribution: goreleaser-pro
           version: "~> v2"
           args: release --snapshot --clean --skip=publish
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}

.goreleaser.yaml

@@ -402,10 +402,10 @@ release:
 
 # Sign checksums and artifacts
 signs:
-  - cmd: gpg
+  - cmd: gpg2
     args:
       - "--batch"
-      - "--local-user"
+      - "-u"
       - "{{ .Env.GPG_FINGERPRINT }}"
       - "--output"
       - "${signature}"