From 310f282ceadff9eb2cf31c0355da470b9a15b58f Mon Sep 17 00:00:00 2001 From: Martin Weise <martin.weise@tuwien.ac.at> Date: Fri, 17 May 2024 22:29:17 +0200 Subject: [PATCH] Attempt to sign chart, let's see what happens --- .gitlab-ci.yml | 19 +++++++++++-------- helm/dbrepo/.gitignore | 3 ++- helm/dbrepo/.helmignore | 2 ++ helm/dbrepo/Chart.yaml | 2 +- helm/dbrepo/Makefile | 3 ++- 5 files changed, 18 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7078fbf13c..f2e59741ef 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -564,9 +564,9 @@ release-images: before_script: - "echo ${CI_REGISTRY_PASSWORD} | docker login --username ${CI_REGISTRY_USER} --password-stdin $CI_REGISTRY_URL" - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin $CI_REGISTRY2_URL" - script: - "ifconfig eth0 mtu 1450 up" - "apk add make bash" + script: - "make release" release-images-unstable: @@ -581,11 +581,11 @@ release-images-unstable: - master - dev before_script: - - echo "$CI_REGISTRY_PASSWORD" | docker login --username "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY_URL - - echo "$CI_REGISTRY2_PASSWORD" | docker login --username "$CI_REGISTRY2_USER" --password-stdin $CI_REGISTRY2_URL - script: + - "echo ${CI_REGISTRY_PASSWORD} | docker login --username ${CI_REGISTRY_USER} --password-stdin $CI_REGISTRY_URL" + - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin $CI_REGISTRY2_URL" - "ifconfig eth0 mtu 1450 up" - "apk add make bash" + script: - "CI_COMMIT_BRANCH=release-unstable make release-images" release-chart: @@ -595,11 +595,14 @@ release-chart: refs: - /^release-.*/ before_script: - - echo "$CI_REGISTRY2_PASSWORD" | docker login --username "$CI_REGISTRY2_USER" --password-stdin $CI_REGISTRY2_URL + - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin $CI_REGISTRY2_URL" + - "echo ${CI_GPG_KEYRING} | base64 -d > ~/keyring.gpg" + - "apk add sed helm curl" + - "helm plugin install https://github.com/sigstore/helm-sigstore" script: - - apk add sed helm curl - - helm package ./helm/dbrepo --destination ./build - - helm push "./build/dbrepo-${CHART_VERSION}.tgz" "oci://${CI_REGISTRY2_URL}/helm" + - "helm package --sign --key 'Martin Weise' ./helm/dbrepo --keyring ~/keyring.gpg --destination ./build" + - "helm push ./build/dbrepo-${CHART_VERSION}.tgz oci://${CI_REGISTRY2_URL}/helm" + - "helm sigstore upload ./build/dbrepo-${CHART_VERSION}.tgz" release-docs: stage: release diff --git a/helm/dbrepo/.gitignore b/helm/dbrepo/.gitignore index e7b18ebe6d..613d851d27 100644 --- a/helm/dbrepo/.gitignore +++ b/helm/dbrepo/.gitignore @@ -2,4 +2,5 @@ *.crt *.key *.srl -*.csr \ No newline at end of file +*.csr +build/* \ No newline at end of file diff --git a/helm/dbrepo/.helmignore b/helm/dbrepo/.helmignore index a831b54621..62d87df84f 100644 --- a/helm/dbrepo/.helmignore +++ b/helm/dbrepo/.helmignore @@ -12,6 +12,8 @@ hack/ .hg/ .hgignore .svn/ +# Generated +build/ # Common backup files *.swp *.bak diff --git a/helm/dbrepo/Chart.yaml b/helm/dbrepo/Chart.yaml index 587a7b3b09..d61aa8701a 100644 --- a/helm/dbrepo/Chart.yaml +++ b/helm/dbrepo/Chart.yaml @@ -12,7 +12,7 @@ maintainers: - name: Martin Weise email: martin.weise@tuwien.ac.at home: https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/ -icon: https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/master/.docs/images/signet_white.png +icon: https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/master/dbrepo-ui/public/favicon.png dependencies: - name: opensearch alias: searchdb diff --git a/helm/dbrepo/Makefile b/helm/dbrepo/Makefile index 07c03a2806..c1e8e02d8f 100644 --- a/helm/dbrepo/Makefile +++ b/helm/dbrepo/Makefile @@ -3,5 +3,6 @@ all: .PHONY: build build: ## Generate Helm values schema JSON + helm package --sign --key 'Martin Weise' . --keyring ~/.gnupg/mweise.gpg --destination ./build helm schema -input ./values.yaml - readme-generator-for-helm --readme README.md --values values.yaml \ No newline at end of file + readme-generator-for-helm --readme README.md --values values.yaml -- GitLab