Support reading GPG key directly from file (!26) · Merge requests · GitLab.org / Ops Sub-Department / runner-tools / Release index generator

Tomasz Maczukin requested to merge support-reading-gpg-key-from-file into master Jun 24, 2021

What does this MR do?

Adds support for configuring GPG Signer directly from key/password files.

Why was this MR needed?

Passing values of GPG key or it's password through environment variables is risky. While GitLab's File variable feature is not the golden solution, it improves the security by making it harder to reveal the key or password by mistake.

This MR will add support for configuring GPG signer from files, which makes it possible to be used natively with File variables.

What's the best way to test this MR?

What are the relevant issue numbers?

Closes #2

Edited Jun 24, 2021 by Tomasz Maczukin

Support reading GPG key directly from file

What does this MR do?

Why was this MR needed?

What's the best way to test this MR?

What are the relevant issue numbers?

Merge request reports