From 61fc8af54da54653a5faedcded6ea3830c17e50d Mon Sep 17 00:00:00 2001
From: Arlind Sulejmani <arlind@sulej.ch>
Date: Sun, 12 Oct 2025 19:40:32 +0200
Subject: [PATCH] chore(ci): add signed commits

---
 .github/workflows/main.yml | 28 ++++++++++++++++++++++++++--
 README.md                  |  2 --
 2 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index f930b3d..dbe3eff 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -24,6 +24,27 @@ jobs:
         uses: actions/checkout@v5
         with:
           fetch-depth: 0
+      - name: Import GPG key and configure signing
+        env:
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+        run: |
+          echo "$GPG_PRIVATE_KEY" | gpg --batch --import
+          KEY_ID=$(gpg --list-secret-keys --keyid-format LONG | grep sec | tail -n1 | awk '{print $2}' | cut -d'/' -f2)
+
+          echo "use-agent" >> ~/.gnupg/gpg.conf
+          echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf
+          echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf
+
+          git config --global user.signingkey "$KEY_ID"
+          git config --global commit.gpgsign true
+          git config --global gpg.program gpg
+          git config --global gpg.format openpgp
+
+          export GPG_TTY=$(tty)
+          echo "test" | gpg --batch --yes --passphrase "$GPG_PASSPHRASE" --pinentry-mode loopback -u "$KEY_ID" -s >/dev/null
+
+          echo "Using GPG key: $KEY_ID"
 
       - name: Run semantic-release
         id: semantic
@@ -38,7 +59,10 @@ jobs:
             conventional-changelog-conventionalcommits
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
+          GIT_AUTHOR_NAME: semantic-release-bot
+          GIT_COMMITTER_NAME: semantic-release-bot
+          GIT_AUTHOR_EMAIL: arlind@sulej.ch
+          GIT_COMMITTER_EMAIL: arlind@sulej.ch
   docker:
     runs-on: ubuntu-24.04
     needs: release
@@ -97,4 +121,4 @@ jobs:
     steps:
       - name: Trigger Cloudflare Pages deploy
         run: |
-          curl -X POST "${{ secrets.CF_DEPLOY_HOOK_URL }}"
\ No newline at end of file
+          curl -X POST "${{ secrets.CF_DEPLOY_HOOK_URL }}"
diff --git a/README.md b/README.md
index ab02cb2..9d8e8ce 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,3 @@
 # sulej.ch
 
 Welcome to the official repository of **[sulej.ch](https://sulej.ch/)**, my personal website.
-
-I have future plans for this repository, but that is a project for the future.