update keyring generation step

Author: jaehyeon-kim

.github/workflows/release.yml

@@ -27,19 +27,25 @@ jobs:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.GPG_PASSPHRASE }}
 
-      - name: Export GPG keys for chart-releaser
+      - name: Export legacy GPG keyring for chart-releaser
         run: |
           mkdir -p gpg-legacy
-          # Export both public and private keys to a legacy keyring file
-          gpg --export "${{ steps.import_gpg.outputs.keyid }}" > gpg-legacy/pubring.gpg
-          gpg --export-secret-keys "${{ steps.import_gpg.outputs.keyid }}" > gpg-legacy/secring.gpg        
+
+          # Export public key in legacy-compatible format
+          gpg --no-default-keyring \
+              --keyring ./gpg-legacy/pubring.gpg \
+              --export "${{ steps.import_gpg.outputs.keyid }}"
+
+          # Export private key in legacy-compatible format
+          gpg --batch --yes --pinentry-mode loopback \
+              --no-default-keyring \
+              --secret-keyring ./gpg-legacy/secring.gpg \
+              --export-secret-keys "${{ steps.import_gpg.outputs.keyid }}"
 
       - name: Prepare for Chart Releaser
         run: |
-          # Create a passphrase file for chart-releaser to use for signing
           echo "$GPG_PASSPHRASE" > passphrase.txt
 
-          # Create the .cr.yaml config file using the key ID from the import step
           cat <<EOF > .cr.yaml
           sign: true
           key: "${{ steps.import_gpg.outputs.keyid }}"
@@ -48,8 +54,7 @@ jobs:
           passphrase-file: "passphrase.txt"
           EOF
         env:
-          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
-          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}          
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}        
 
       - name: Run chart-releaser
         uses: helm/[email protected]