Sign git commits with GPG in GitHub Actions Generate a GPG key (see here) gpg --full-generate-key Save the GPG passphrase to secrets as GPG_KEY_PASSPHRASE
Create CA (root and intermediate) and sign certificates Setup the environment variables in the env.sh file CA_ROOT_PASSPHRASE='SuperStrongROOTPassphrase' CA_ROOT_EMAIL='contact@example.com' CA_ROOT_COMMON_NAME="Example" CA_ROOT_COUNTRY="US" CA_ROOT_STATE="New York"