From 52b03a8b3cd7aca46321292775fee27b9b14f16f Mon Sep 17 00:00:00 2001
From: ytshih <ytshih@konchin.com>
Date: Mon, 28 Jul 2025 01:32:11 +0800
Subject: [PATCH] Fix: use passphrase preset

---
 action.yaml | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/action.yaml b/action.yaml
index e07256c..e33e95a 100644
--- a/action.yaml
+++ b/action.yaml
@@ -12,6 +12,10 @@ inputs:
     description: "Password of the gpg secret key to sign the package"
     required: false
     default: 'none'
+  gpg-keygrip:
+    description: "KeyGrip of the gpg secret key to sign the package"
+    required: false
+    default: 'none'
   repo-name:
     description: "The repo name to be pushed to"
     required: false
@@ -46,8 +50,13 @@ runs:
       run: |
         cd "${{ inputs.context }}"
         if [[ "${{ inputs.gpg-password }}" != 'none' ]]; then
+          eval $(gpg-agent --daemon)
           echo "${{ inputs.gpg-password }}" | \
-            makepkg -sc --needed --noconfirm --sign
+            /usr/lib/gnupg/gpg-preset-passphrase --preset "${{ inputs.gpg-keygrip }}"
+
+          makepkg -sc --needed --noconfirm --sign
+
+          killall gpg-agent
         else
           makepkg -sc --needed --noconfirm
         fi
@@ -72,10 +81,16 @@ runs:
     - name: Add pkgs to repo db
       run: |
         if [[ "${{ inputs.gpg-password }}" != 'none' ]]; then
+          eval $(gpg-agent --daemon)
           echo "${{ inputs.gpg-password }}" | \
-            repo-add --verify --sign \
-            "repo/${{ inputs.repo-name }}.db.tar.gz" *.pkg.tar.zst --
+            /usr/lib/gnupg/gpg-preset-passphrase --preset "${{ inputs.gpg-keygrip }}"
+
+          repo-add --verify --sign \
+          "repo/${{ inputs.repo-name }}.db.tar.gz" *.pkg.tar.zst
+
           mv *.pkg.tar.zst *.pkg.tar.zst.sig repo
+
+          killall gpg-agent
         else
           repo-add "repo/${{ inputs.repo-name }}.db.tar.zst" *.pkg.tar.zst
           mv *.pkg.tar.zst repo