bartvdbraak/helm-chart
1
0
Fork 0
forked from lunny/helm-chart
Code Pull Requests 1 Activity

Sign helm releases (#427)

Browse Source 
fix #31

First stab, need to iterate most likely.

@techknowlogick @lunny Could one of you add the GPG secrets here so the signing can be tested?

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/427
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
This commit is contained in:
pat-s
2023-05-13 18:11:14 +08:00
committed by pat-s
parent eefa169b8d
commit 9c7e85a2bb
1 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
.gitea/workflows/release-version.yml
View File

@ -19,24 +19,35 @@ jobs:
apt update -y apt update -y
apt install -y python helm python3-pip apt-transport-https apt install -y python helm python3-pip apt-transport-https
pip install awscli pip install awscli
- name: Import GPG key
id: import_gpg
uses: https://github.com/crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
# Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
- name: package chart - name: package chart
run: | run: |
# FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
helm plugin install https://github.com/pat-s/helm-gpg
helm dependency update helm dependency update
helm package --version "${GITHUB_REF#refs/tags/v}" ./ helm package --version "${GITHUB_REF#refs/tags/v}" ./
helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz"
mkdir gitea mkdir gitea
mv gitea*.tgz gitea/ mv gitea*.tgz gitea/
curl -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml curl -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml
helm repo index gitea/ --url https://dl.gitea.io/charts --merge gitea/index.yaml helm repo index gitea/ --url https://dl.gitea.io/charts --merge gitea/index.yaml
- name: aws credential configure - name: aws credential configure
uses: https://github.com/aws-actions/configure-aws-credentials@v2 uses: https://github.com/aws-actions/configure-aws-credentials@v2
with: with:
aws-access-key-id: ${{ secrets.AWS_KEY_ID }} aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }} aws-region: ${{ secrets.AWS_REGION }}
- name: install aws cli
run: |
apt update -y &&
pip install awscli
- name: Copy files to S3 and clear cache - name: Copy files to S3 and clear cache
run: | run: |
aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/ aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/