V8.13.392.2025.11.07

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

.gitea/workflows/generate_PRIVATE_trixie_1.yaml

@@ -131,7 +131,7 @@ jobs:
           set +x
           set -euo pipefail
           umask 0077
-          GNUPGHOME="/dev/shm/gnupg.${GITHUB_RUN_ID}.${GITHUB_JOB}"
+          GNUPGHOME="${PWD}/gnupg.${GITHUB_RUN_ID}.${GITHUB_JOB}"
           # shellcheck disable=SC2174
           mkdir -p -m 0700 "${GNUPGHOME}"
           echo "GNUPGHOME=${GNUPGHOME}"  >> "${GITHUB_ENV}"
@@ -150,7 +150,7 @@ jobs:
 
       - name: ⚙️ Configuring Git for signed CI/DEPLOY commits.
         run: |
-          set +x
+          #set +x
           set -euo pipefail
           git config user.name "Marc S. Weidner BOT"
           git config user.email "msw+bot@coresecret.dev"

.gitea/workflows/linter_char_scripts.yaml

@@ -89,7 +89,7 @@ jobs:
         run: |
           set -euo pipefail
           ### GPG-Home relative to the Runner Workspace to avoid changing global files.
-          export GNUPGHOME="$(pwd)/.gnupg"
+          export GNUPGHOME="$(PWD)/.gnupg"
           mkdir -m 700 "${GNUPGHOME}"
           echo "${{ secrets.PGP_MSW_DEPLOY_CORESECRET_DEV }}" >| ci-bot.sec.asc
           gpg --batch --import ci-bot.sec.asc
@@ -101,7 +101,7 @@ jobs:
         shell: bash
         run: |
           set -euo pipefail
-          export GNUPGHOME="$(pwd)/.gnupg"
+          export GNUPGHOME="$(PWD)/.gnupg"
           git config user.name "Marc S. Weidner BOT"
           git config user.email "msw+bot@coresecret.dev"
           git config commit.gpgsign true
@@ -268,7 +268,7 @@ jobs:
           GIT_SSH_COMMAND: "ssh -p 42842"
         run: |
           set -euo pipefail
-          export GNUPGHOME="$(pwd)/.gnupg"
+          export GNUPGHOME="$(PWD)/.gnupg"
 
           echo "🔄 Fetching origin/master ..."
           git fetch origin master
@@ -304,7 +304,7 @@ jobs:
           GIT_SSH_COMMAND: "ssh -p 42842"
         run: |
           set -euo pipefail
-          export GNUPGHOME="$(pwd)/.gnupg"
+          export GNUPGHOME="$(PWD)/.gnupg"
 
           if git diff --cached --quiet; then
             echo "✔️ No staged changes to commit."

ciss_live_builder.sh

@@ -105,12 +105,13 @@ for arg in "$@"; do case "${arg,,}" in -h|--help)    . ./lib/lib_usage.sh     ;
 for arg in "$@"; do case "${arg,,}" in -v|--version) . ./lib/lib_version.sh   ; version; exit 0;; esac; done
 for arg in "$@"; do case "${arg,,}" in -d|--debug)   . ./meta_sources_debug.sh; debugger "${@}";; esac; done
 
+### ALL CHECKS DONE. READY TO START THE SCRIPT.
+printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 %s starting ... \e[0m\n" "${BASH_SOURCE[0]}"
+declare -grx VAR_SETUP="true"
+
 ### SECURING SECRETS ARTIFACTS.
 find "${VAR_TMP_SECRET}" -type f -exec chmod 0400 {} +
 
-### ALL CHECKS DONE. READY TO START THE SCRIPT.
-declare -grx VAR_SETUP="true"
-
 ### SOURCING VARIABLES.
 [[ "${VAR_SETUP}" == true ]] && {
   source_guard "./var/color.var.sh"

lib/lib_clean_up.sh

@@ -62,7 +62,7 @@ clean_up() {
   # Kill gpg-agent and remove artifacts securely.
   if [[ ! "${VAR_CDLB_INSIDE_RUNNER}" == "true" ]]; then
 
-    if [[ -n "${GNUPGHOME:-}" && -d "${GNUPGHOME}" && "${GNUPGHOME}" == /dev/shm/cdlb_*_gnupg ]]; then
+    if [[ -n "${GNUPGHOME:-}" && -d "${GNUPGHOME}" ]]; then
 
       gpgconf --kill gpg-agent >/dev/null 2>&1 || true
 

lib/lib_gnupg.sh

@@ -46,7 +46,7 @@ init_gnupg() {
 
       printf "\e[93m++++ ++++ ++++ ++++ ++++ ++++ ++ VAR_CDLB_INSIDE_RUNNER: [%s] \e[0m\n" "${VAR_CDLB_INSIDE_RUNNER}"
 
-      declare -grx GNUPGHOME="/dev/shm/cdlb_${VAR_ISO8601}_gnupg"
+      declare -grx GNUPGHOME="/${VAR_WORKDIR}/cdlb_${VAR_ISO8601}_gnupg"
 
       # shellcheck disable=SC2174
       mkdir -p -m 0700 "${GNUPGHOME}"
@@ -63,7 +63,6 @@ EOF
 
         printf "\e[91m++++ ++++ ++++ ++++ ++++ ++++ ++ Failed to launch gpg-agent. \e[0m\n"
 
-
       fi
 
     else