WIP

Signed-off-by: Martin Weise <martin.weise@tuwien.ac.at>

WIP
e174bb4b · Martin Weise · 26d79b92 · e174bb4b
Verified Commit e174bb4b authored 3 weeks ago by Martin Weise
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -538,23 +538,24 @@ release-helm:
  dependencies:
    - build-helm
  before_script:
-    - "apk add --no-cache sed helm make"
+    - "apk add --no-cache sed helm make gpg"
    - "docker logout ${CI_REGISTRY_URL}"
    - "echo ${CI_REGISTRY_PASSWORD} | docker login --username ${CI_REGISTRY_USER} --password-stdin ${CI_REGISTRY_URL}"
    - "docker logout ${CI_REGISTRY2_URL}"
    - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin ${CI_REGISTRY2_URL}"
-    - "mkdir -p /root/.gnupg"
-    - echo "$CI_GPG_KEYRING" | base64 -d > /root/.gnupg/secring.gpg
-    - echo "$CI_GPG_KEYRING2" | base64 -d > /root/.gnupg/pubring.gpg
+    - "mkdir -p ~/.gnupg"
+    - echo "$CI_GPG_KEYRING" | base64 -d > ~/.gnupg/secring.gpg
+    - echo "$CI_GPG_KEYRING2" | base64 -d > ~/.gnupg/pubring.gpg
    - helm registry login --username "${CI_REGISTRY_USER}" --password "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY_URL}"
    - helm registry login --username "${CI_REGISTRY2_USER}" --password "${CI_REGISTRY2_PASSWORD}" "${CI_REGISTRY2_URL}"
    - make build-helm
-    - ls -la /root/.gnupg
-    - "helm package ./helm/dbrepo --sign --key 'Martin Weise' --keyring /root/.gnupg/secring.gpg --destination ./build"
+    - "gpg --import ~/.gnupg/pubring.gpg"
+    - "gpg --list-keys"
+    - "helm package ./helm/dbrepo --sign --key 'Martin Weise' --keyring ~/.gnupg/secring.gpg --destination ./build"
    - "helm plugin install https://github.com/sigstore/helm-sigstore"
  script:
    - "helm push ./build/dbrepo-${CHART_VERSION}.tgz oci://${CI_REGISTRY2_URL}/helm"
-    - "helm sigstore upload --keyring /root/.gnupg/pubring.gpg ./build/dbrepo-${CHART_VERSION}.tgz"
+    - "helm sigstore upload --keyring ~/.gnupg/pubring.gpg ./build/dbrepo-${CHART_VERSION}.tgz"

 release-docs:
  stage: release