From 8fe0047822cdd63c72f3bef4d11f77c7ace0e6ba Mon Sep 17 00:00:00 2001
From: Scott Nonnenberg <scott@signal.org>
Date: Mon, 15 May 2023 17:45:30 -0700
Subject: [PATCH] aptly.sh: Pull passphrase for gpg-signing from file

---
 aptly.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/aptly.sh b/aptly.sh
index b8f688849..5762b402e 100755
--- a/aptly.sh
+++ b/aptly.sh
@@ -41,12 +41,12 @@ if [ "$FIRST_RUN" = true ] ; then
   # https://www.aptly.info/doc/aptly/publish/snapshot/
   echo
   echo "aptly.sh: (first run) Setting up local publish with current snapshot"
-  aptly publish snapshot -gpg-key="$GPG_KEYID" -distribution="$CURRENT" "$SNAPSHOT"
+  aptly publish snapshot -passphrase-file=gpg-passphrase.txt -batch=true -gpg-key="$GPG_KEYID" -distribution="$CURRENT" "$SNAPSHOT"
 else
   # https://www.aptly.info/doc/aptly/publish/switch/
   echo
   echo "aptly.sh: (later runs) Switching local publish to current snapshot"
-  aptly publish switch -gpg-key="$GPG_KEYID" "$CURRENT" "$SNAPSHOT"
+  aptly publish switch -passphrase-file=gpg-passphrase.txt -batch=true -gpg-key="$GPG_KEYID" "$CURRENT" "$SNAPSHOT"
 fi
 
 echo