Simplify up ssh key signing logic

Reviewed-on: #2

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "artix-metro",
-  "version": "3.1.2",
+  "version": "3.1.3",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "artix-metro",
-      "version": "3.1.2",
+      "version": "3.1.3",
       "license": "MIT",
       "dependencies": {
         "artix-checkupdates": "1.0.2",
@@ -21,7 +21,7 @@
       "devDependencies": {
         "@sindresorhus/tsconfig": "7.0.0",
         "@types/cli-color": "2.0.6",
-        "@types/node": "22.13.10",
+        "@types/node": "22.13.13",
         "typescript": "5.8.2"
       }
     },
@@ -63,9 +63,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "22.13.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.10.tgz",
-      "integrity": "sha512-I6LPUvlRH+O6VRUqYOcMudhaIdUVWfsjnZavnsraHvpBwaEyMN29ry+0UVJhImYL16xsscu0aske3yA+uPOWfw==",
+      "version": "22.13.13",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.13.tgz",
+      "integrity": "sha512-ClsL5nMwKaBRwPcCvH8E7+nU4GxHVx1axNvMZTFHMEfNI7oahimt26P5zjVCRrjiIWj6YFXfE1v3dEp94wLcGQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -758,9 +758,9 @@
       "dev": true
     },
     "@types/node": {
-      "version": "22.13.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.10.tgz",
-      "integrity": "sha512-I6LPUvlRH+O6VRUqYOcMudhaIdUVWfsjnZavnsraHvpBwaEyMN29ry+0UVJhImYL16xsscu0aske3yA+uPOWfw==",
+      "version": "22.13.13",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.13.tgz",
+      "integrity": "sha512-ClsL5nMwKaBRwPcCvH8E7+nU4GxHVx1axNvMZTFHMEfNI7oahimt26P5zjVCRrjiIWj6YFXfE1v3dEp94wLcGQ==",
       "dev": true,
       "requires": {
         "undici-types": "~6.20.0"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "artix-metro",
-  "version": "3.1.2",
+  "version": "3.1.3",
   "description": "Automate pushing packages to Artix",
   "keywords": [
     "artix",
@@ -41,6 +41,6 @@
     "typescript": "5.8.2",
     "@sindresorhus/tsconfig": "7.0.0",
     "@types/cli-color": "2.0.6",
-    "@types/node": "22.13.10"
+    "@types/node": "22.13.13"
   }
 }

src/pusher.mts

@@ -55,14 +55,21 @@ class Pusher {
     }
 
     async refreshGpg() {
-        if (await isPasswordRequired()) {
+        const sshSignMode = 'SSHKEYSIGN' in process.env;
+        if (sshSignMode || await isPasswordRequired()) {
             console.log(clc.cyan('Refreshing signature...'));
             this._createdSignfile ||= await runCommand('touch', [SIGNFILE]);
-            await runCommand('gpg', ['-a', '--passphrase', escapeCommandParam(this._config.gpgpass || ''), '--batch', '--pinentry-mode', 'loopback', '--detach-sign', SIGNFILE]);
-            await fsp.rm(`${SIGNFILE}.asc`);
+            if (sshSignMode) {
+                await runCommand('ssh-keygen', ['-Y', 'sign', '-f', path.resolve(process.env['SSHKEYSIGN'] as string), '-n', ' git', SIGNFILE]);
+            }
+            else {
+                await runCommand('gpg', ['-a', '--passphrase', escapeCommandParam(this._config.gpgpass || ''), '--batch', '--pinentry-mode', 'loopback', '--detach-sign', SIGNFILE]);
+            }
+            await fsp.rm(`${SIGNFILE}.${sshSignMode ? 'sig' : 'asc'}`)
         }
     }
 
+
     increment(pkg: string): Promise<void> {
         return new Promise(async (res, _) => {
             const pkgbuild = path.join(this._artools.workspace, 'artixlinux', pkg, 'PKGBUILD');