From a70e107a3fef8c58052ab421d176f1b5fc9519db Mon Sep 17 00:00:00 2001
From: Richard Robert Reitz <richard-robert.reitz@telekom.de>
Date: Mon, 20 Oct 2025 15:55:58 +0200
Subject: [PATCH] feat(signing): added goreleaser signing

---
 .github/workflows/release.yaml |  7 +++++++
 .goreleaser.yaml               | 21 ++++++++++++++++++---
 2 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index d2a754b..3040258 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -19,9 +19,16 @@ jobs:
           go-version: ">=1.25.1"
       - name: Test code
         run: make test
+      - name: Import GPG key
+        id: import_gpg
+        uses: https://github.com/crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}
       - name: Run GoReleaser
         uses: https://github.com/goreleaser/goreleaser-action@v6
         env:
           GITEA_TOKEN: ${{ secrets.PACKAGES_TOKEN }}
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
         with:
           args: release --clean
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index e92295f..9d098eb 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -10,11 +10,11 @@ builds:
       - CGO_ENABLED=0
     goos:
       - linux
-      - darwin
-      - windows
+      #- darwin
+      #- windows
     goarch:
       - amd64
-      - arm64
+      #- arm64
 
 archives:
   - formats: [tar.gz]
@@ -31,6 +31,21 @@ archives:
       - goos: windows
         formats: [zip]
 
+signs:
+  - artifacts: checksum
+    cmd: gpg2
+    args:
+      - "--batch"
+      - "-u"
+      - "{{ .Env.GPG_FINGERPRINT }}"
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+
+#binary_signs:
+#  - {}
+
 changelog:
   abbrev: 10
   filters: