Added many, many more actions.

rpm/rpm-verifysign/action.yaml

@@ -0,0 +1,20 @@
+name: rpm-verifysign
+description: "Verify the signature a given .rpm file with a given .gpg key."
+inputs:
+  file:
+    description: "File to verify."
+    required: true
+  gpgKey:
+    description: "GPG public key to check with. Can be a file or raw key."
+    required: true
+runs:
+  using: "composite"
+  steps:
+  - run: cp -f ${{ github.action_path }}/verify_file.sh _verify_file.sh
+    shell: bash
+  - name: "Verify file."
+    uses: act/common/distros/rockylinux@master
+    with:
+      args: bash "_verify_file.sh" "${{ inputs.file }}" "${{ inputs.gpgKey }}"
+  - run: rm _verify_file.sh
+    shell: bash

rpm/rpm-verifysign/verify_file.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+#Importing gpg key via cli
+#https://d.sb/2016/11/gpg-inappropriate-ioctl-for-device-errors
+FILE="$1"
+GPG_KEY="$2"
+TMP_KEY_PATH="/tmp_key.gpg"
+
+if [[ ! -f "$GPG_KEY" ]]; then
+    cat <<EOF > "$TMP_KEY_PATH"
+$GPG_KEY
+EOF
+    GPG_KEY="$TMP_KEY_PATH"
+fi
+
+#Only seems to import files, not STDIN.
+#gpg --import does not work with 'rpm -K'
+rpm --import "$GPG_KEY"
+rm -f "$TMP_KEY_PATH"
+
+rpm -K $FILE
+
+exit $?

rpm/rpmsign-file/action.yaml

@@ -0,0 +1,34 @@
+name: rpmsign-file
+description: "Sign a given .rpm file with a given .gpg key."
+inputs:
+  file:
+    description: "File to sign."
+    required: true
+  gpgKey:
+    description: "GPG key to sign with."
+    required: true
+  gpgPass:
+    description: "Password to the GPG key."
+    required: true
+outputs:
+  publicKey:
+    description: "Public GPG key of the signed file."
+    value: ${{ steps.sign.outputs.publicKey }}
+runs:
+  using: "composite"
+  steps:
+  - run: cp -f ${{ github.action_path }}/sign_file.sh _sign_file.sh
+    shell: bash
+  - name: "Sign file."
+    id: sign
+    uses: act/common/distros/rockylinux@master
+    with:
+      #Having single quotes around "${{ inputs.gpgKey }}" makes it work in act.
+      args: bash "_sign_file.sh" "${{ inputs.file }}" "${{ inputs.gpgKey }}" "${{ inputs.gpgPass }}"
+  - run: rm _sign_file.sh
+    shell: bash
+  - name: "Own artifacts."
+    uses: act/common/utils/chown@master
+    with:
+      file: ${{ inputs.file }}
+  

rpm/rpmsign-file/sign_file.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+#Importing gpg key via cli
+#https://d.sb/2016/11/gpg-inappropriate-ioctl-for-device-errors
+FILE="$1"
+GPG_KEY="$2"
+GPG_PASS="$3"
+
+GPG_DIR="/root/.gnupg"
+mkdir -p "$GPG_DIR"
+
+if [[ -f "$GPG_KEY" ]]; then
+    GPG_KEY=$(cat "$GPG_KEY")
+fi
+
+#Trim single quotes if it has any. (Single quotes are needed for ACT)
+GPG_KEY=$(echo "$GPG_KEY" | tr -d \')
+
+gpg --homedir "$GPG_DIR" --allow-secret-key-import --import --batch --passphrase "$GPG_PASS" <<EOF
+$GPG_KEY
+EOF
+
+gpg --homedir "$GPG_DIR" --list-keys
+#Get name with email, then cut it to get just the name.
+SIGNER_NAME=$(gpg --homedir "$GPG_DIR" --with-colons --list-keys | grep uid: | cut -d ':' -f 10 | cut -d '<' -f 1 | xargs)
+
+rpmsign --define "_gpg_name $SIGNER_NAME" --define "_gpg_sign_cmd_extra_args --homedir $GPG_DIR --pinentry-mode loopback --passphrase $GPG_PASS" --addsign "$FILE"
+
+SIGNER=$(rpm -qpi simbaspark-2.6.29.1049-1.x86_64.rpm | grep "Signature" | cut -d ':' -f 2 | xargs)
+RESULT=$?
+if [[ "$SIGNER" == "(none)" ]]; then
+    RESULT=1
+fi
+
+#Set the public key as output.
+PUBLIC_KEY=$(gpg --homedir "$GPG_DIR" --armor --export "$SIGNER_NAME")
+PUBLIC_KEY="${PUBLIC_KEY//'%'/'%25'}"
+PUBLIC_KEY="${PUBLIC_KEY//$'\n'/'%0A'}"
+PUBLIC_KEY="${PUBLIC_KEY//$'\r'/'%0D'}"
+echo "publicKey=$PUBLIC_KEY" >> "$GITHUB_OUTPUT"
+
+exit $RESULT