From 42dbe10fb3f68496b16e3051d911e7e62df02468 Mon Sep 17 00:00:00 2001
From: Nicola Squartini <tensor5@gmail.com>
Date: Wed, 17 Aug 2022 11:41:30 +0900
Subject: [PATCH] docs: explain the `gpg-fingerprint` input parameter

---
 README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/README.md b/README.md
index 7ae4486..ffc5543 100644
--- a/README.md
+++ b/README.md
@@ -176,6 +176,8 @@ For the bot to produce signed commits, you will have to provide the GPG private
 
 When using commit signing, the commit author name and email for the commits produced by this bot would correspond to the ones associated to the GPG Public Key. 
 
+If you want to sign using a subkey, you must specify the subkey fingerprint using the `gpg-fingerprint` input parameter.
+
 You can find an example of how to using this action with commit signing below:
 
 ```yaml
@@ -198,6 +200,7 @@ jobs:
         with:
           sign-commits: true
           gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-fingerprint: ${{ secrets.GPG_FINGERPRINT }} # specify subkey fingerprint (optional)
           gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
 ```