From ea2f7607b8ff08c6312e09caab22e07f1d0853e7 Mon Sep 17 00:00:00 2001
From: ShahanaFarooqui <shahana.farooqui@gmail.com>
Date: Tue, 14 Oct 2025 21:23:25 -0700
Subject: [PATCH] tools: Read the correct default-key from gpgconf

Workflow error `gpg: using "4129A994AA7E9852" is thrown due to incorrect gpg parsing. Update the awk parsing logic to properly locate and extract the key fingerprint within the gpgconf --list-options output structure, ensuring automated signing uses the correct key.

Changelog-None.
---
 tools/build-release.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/build-release.sh b/tools/build-release.sh
index a42f1dcdd..1280d7999 100755
--- a/tools/build-release.sh
+++ b/tools/build-release.sh
@@ -228,7 +228,7 @@ if [ -z "${TARGETS##* sign *}" ]; then
     echo "Signing Release"
     cd release/ || exit
     sha256sum clightning-"$VERSION"* > SHA256SUMS-"$VERSION"
-    gpg -sb --armor -o SHA256SUMS-"$VERSION".asc "$(gpgconf --list-options gpg | awk -F: '$1 == "default-key" {print $10}' | tr -d '"')" SHA256SUMS-"$VERSION"
+    gpg -sb --armor --default-key "$(gpgconf --list-options gpg | awk -F: '$1 == "default-key" {print $10}' | tr -d '"')" -o SHA256SUMS-"$VERSION".asc SHA256SUMS-"$VERSION"
     cd ..
     echo "Release Signed"
 fi