From b7de47b73bedf40a6a5ebdcec24e500e3ef661e1 Mon Sep 17 00:00:00 2001
From: Atif Ali <56743004+aali309@users.noreply.github.com>
Date: Wed, 27 Sep 2023 11:44:30 -0400
Subject: [PATCH] build(ci): submodule should sign commits (#90)

---
 .github/workflows/submodule.yml | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/submodule.yml b/.github/workflows/submodule.yml
index 3642fc09..9e9fba71 100644
--- a/.github/workflows/submodule.yml
+++ b/.github/workflows/submodule.yml
@@ -14,10 +14,17 @@ jobs:
     if: ${{ github.repository_owner == 'cryostatio' }}
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
       with:
         repository: cryostatio/cryostatio.github.io
         token: "${{ secrets.SUBMODULE_TOKEN }}"
+    - name: Import GPG key
+      uses: crazy-max/ghaction-import-gpg@v6
+      with:
+        gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+        passphrase: ${{ secrets.GPG_PASSPHRASE }}
+        git_user_signingkey: true
+        git_commit_gpgsign: true
     - name: Update submodule to latest commit
       run: |
         git submodule update --init
@@ -28,5 +35,5 @@ jobs:
         git config user.name "github-actions[bot]"
         git add --all
         git_hash="$(git rev-parse --short :helm-charts)"
-        git commit -m "build(helm-charts): update submodule to $git_hash" || echo "No changes to commit"
+        git commit -S -m "build(helm-charts): update submodule to $git_hash" || echo "No changes to commit"
         git push