public/helm-charts
1
0
Fork 0
mirror of https://github.com/bjw-s-labs/helm-charts.git synced 2025-07-04 00:47:04 +02:00
Code Issues Projects Releases Packages Wiki Activity

feat: Bump common library to v3.4.0 (#349)

Browse source
This commit is contained in:
Bernd Schorgers 2024-08-27 14:16:37 +02:00
parent a78c21ab00
commit 86062681a9
No known key found for this signature in database
GPG key ID: BC5E2BD907F9A8EC
45 changed files with 1023 additions and 149 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.github/workflows/charts-release-oci.yaml vendored
View file

@ -21,6 +21,7 @@ jobs:
name: Release charts
runs-on: ubuntu-22.04
permissions:
contents: read
packages: write # needed for ghcr access
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
@ -61,8 +62,8 @@ jobs:
helm package "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}/${CHART_NAME}" --dependency-update --destination "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}" --version "${CHART_VERSION}"
helm push "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}/${CHART_NAME}-${CHART_VERSION}.tgz" oci://${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm &> push-metadata.txt
CHART_DIGEST=$(awk '/Digest: /{print $2}' push-metadata.txt)
cosign sign -y "${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm/${CHART_NAME}:${CHART_VERSION}@${CHART_DIGEST}"
cosign sign --yes "${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm/${CHART_NAME}:${CHART_VERSION}@${CHART_DIGEST}"
cosign verify "${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm/${CHART_NAME}:${CHART_VERSION}@${CHART_DIGEST}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
--certificate-identity "https://github.com/${GITHUB_WORKFLOW_REF}"
--certificate-identity "https://github.com/bjw-s/helm-charts/.github/workflows/charts-release-oci.yaml@refs/heads/main"
done