Fix: use passphrase preset

action.yaml

@@ -12,6 +12,10 @@ inputs:
     description: "Password of the gpg secret key to sign the package"
     required: false
     default: 'none'
+  gpg-keygrip:
+    description: "KeyGrip of the gpg secret key to sign the package"
+    required: false
+    default: 'none'
   repo-name:
     description: "The repo name to be pushed to"
     required: false
@@ -46,8 +50,13 @@ runs:
       run: |
         cd "${{ inputs.context }}"
         if [[ "${{ inputs.gpg-password }}" != 'none' ]]; then
+          eval $(gpg-agent --daemon)
           echo "${{ inputs.gpg-password }}" | \
-            makepkg -sc --needed --noconfirm --sign
+            /usr/lib/gnupg/gpg-preset-passphrase --preset "${{ inputs.gpg-keygrip }}"
+
+          makepkg -sc --needed --noconfirm --sign
+
+          killall -u "$(id -un)" gpg-agent
         else
           makepkg -sc --needed --noconfirm
         fi
@@ -72,10 +81,16 @@ runs:
     - name: Add pkgs to repo db
       run: |
         if [[ "${{ inputs.gpg-password }}" != 'none' ]]; then
+          eval $(gpg-agent --daemon)
           echo "${{ inputs.gpg-password }}" | \
-            repo-add --verify --sign \
+            /usr/lib/gnupg/gpg-preset-passphrase --preset "${{ inputs.gpg-keygrip }}"
-            "repo/${{ inputs.repo-name }}.db.tar.gz" *.pkg.tar.zst --
+
+          repo-add --verify --sign \
+          "repo/${{ inputs.repo-name }}.db.tar.gz" *.pkg.tar.zst
+
           mv *.pkg.tar.zst *.pkg.tar.zst.sig repo
+
+          killall -u "$(id -un)" gpg-agent
         else
           repo-add "repo/${{ inputs.repo-name }}.db.tar.zst" *.pkg.tar.zst
           mv *.pkg.tar.zst repo