Cannot use gpg --import private_key.gpg directly in GitHub Actions as directed by the doc #675

FanchenBao opened this issue May 31, 2021 · 4 comments · Fixed by #758

@FanchenBao
Contributor

FanchenBao commented May 31, 2021

What are the steps to reproduce this issue?

  1. Follow the documentation to create a private key and put it in GitHub's secrets with the name GPG_PRIVATE_KEY
  2. Use this minimum reproducible yaml to set up GitHub Actions

```yaml
name: demo
on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
jobs:
  demo_error_on_gpg_import:
    runs-on: ubuntu-latest
    env:
      GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}$
    steps:
      - name: Setup git secret
        run: |
          sudo apt-get update && sudo apt-get install -y git-secret
          echo $GPG_PRIVATE_KEY | tr ',' '\n' > ./private_key.gpg
          gpg --import private_key.gpg
```

  3. Trigger GitHub Actions

What happens?

It seems like gpg --import requires command line interaction, which GitHub Actions cannot provide. Hence, the Inappropriate ioctl for device error is thrown.

What were you expecting to happen?

gpg --import private_key.gpg can be executed on GitHub Actions without problem.

Any logs, error output, etc?

```
gpg: key 9E22ADA9E6532937: public key "gcp_related GitHub <[email protected]>" imported
gpg: key 9E22ADA9E6532937/9E22ADA9E6532937: error sending to agent: Inappropriate ioctl for device
gpg: key 9E22ADA9E6532937/59E87A3B8BF021B7: error sending to agent: Inappropriate ioctl for device
gpg: error reading 'private_key.gpg': Inappropriate ioctl for device
gpg: import from 'private_key.gpg' failed: Inappropriate ioctl for device
gpg: Total number processed: 0
gpg:               imported: 1
gpg:       secret keys read: 1
Error: Process completed with exit code 2.
```

Any other comments?

This problem can be resolved by explicitly telling gpg not to allow command line interaction, i.e.

```shell
gpg --batch --yes --pinentry-mode loopback --import private_key.gpg
```

If we replace gpg --import private_key.gpg with the line above, no error is thrown. Therefore, I hope the documentation can be updated to reflect this issue.

What versions of software are you using?

Operating system: (uname -a)
The version reported is the one on the virtual machine of GitHub Actions.

Linux fv-az193-897 5.4.0-1047-azure #49-Ubuntu SMP Thu Apr 22 14:30:37 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

git-secret path: (which git-secret)
/usr/bin/git-secret

git-secret version: (git secret --version)
0.2.2

git version: (git --version)
git version 2.31.1

Shell type and version: ($SHELL --version)
GNU bash, version 5.0.17(1)-release (x86_64-pc-linux-gnu)

gpg version: (gpg --version)
gpg (GnuPG) 2.2.19
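
A hardened form of the import step from the report above, as an added example that is not part of the issue or of the git-secret documentation. It assumes the secret stores the armored key with newlines replaced by commas (as the `tr ',' '\n'` step implies); the function names and the use of `RUNNER_TEMP` are choices made for this example.

```shell
#!/bin/sh
# Added example: not from the issue or the git-secret documentation.
# Assumption: the secret holds the armored key with newlines replaced by
# commas, which is what the `tr ',' '\n'` step in the issue implies.

# restore_key_file ENCODED DEST: decode the secret into DEST (mode 0600).
restore_key_file() (
  encoded=$1 dest=$2
  [ -n "$encoded" ] || { echo "key material is empty" >&2; exit 1; }
  umask 077            # subshell-local: files created here are owner-only
  rm -f -- "$dest"     # a pre-existing file would keep its old mode
  # Quoted on purpose: unquoted `echo $VAR` is word-split and glob-expanded.
  printf '%s\n' "$encoded" | tr ',' '\n' > "$dest" || exit 1
  if ! grep -q -- '-----BEGIN PGP PRIVATE KEY BLOCK-----' "$dest"; then
    rm -f -- "$dest"
    echo "decoded data is not an armored private key" >&2
    exit 1
  fi
)

# import_private_key FILE: import without prompting, then delete FILE.
import_private_key() (
  key_file=$1 rc=0
  # --batch --yes: never prompt. --pinentry-mode loopback: keep gpg-agent from
  # starting a pinentry on a terminal, which a CI runner does not have.
  gpg --batch --yes --pinentry-mode loopback --import "$key_file" || rc=$?
  rm -f -- "$key_file" # do not leave the plaintext key on disk
  [ "$rc" -eq 0 ] || exit "$rc"
  # The log in the issue shows the public half imported while the secret half
  # failed, so confirm a secret key actually reached the keyring.
  gpg --batch --list-secret-keys --with-colons | grep -q '^sec:'
)

# Runs only where the CI secret is present in the environment.
if [ -n "${GPG_PRIVATE_KEY:-}" ]; then
  # RUNNER_TEMP is outside the checkout, so the key cannot be committed.
  key_path="${RUNNER_TEMP:-${TMPDIR:-/tmp}}/private_key.gpg"
  restore_key_file "$GPG_PRIVATE_KEY" "$key_path" || exit 1
  import_private_key "$key_path" || exit 1
fi
```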

@sobolevn
Owner

@FanchenBao yes, sure! Please send a PR.

@FanchenBao
Contributor Author

@sobolevn Sure thing.

@joshrabinowitz
Collaborator

See also #699

@FanchenBao it would be great if you submitted a PR for this!

@FanchenBao
Contributor Author

FanchenBao commented Jan 17, 2022

@joshrabinowitz PR just submitted for this issue. I apologize for putting this on the back burner for such a loooong time.
