chore(helm): Update Image Tags (#553) #84

Summary
Jobs
- helm-chart
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/release-chart.yaml at 2e5fe9d

	name: release-chart

	on:
	push:
	tags:
	- 'policy-reporter-chart-v*'

	jobs:
	helm-chart:
	runs-on: ubuntu-latest
	permissions:
	packages: write
	contents: write
	pages: write
	id-token: write
	steps:
	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	fetch-depth: 0

	- name: Verify Helm Docs
	run: \|
	set -e
	make verify-helm-docs

	- name: Configure Git
	run: \|
	git config user.name "$GITHUB_ACTOR"
	git config user.email "[email protected]"

	- name: Install Helm
	uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
	with:
	version: v3.16.1

	- name: Prepare GPG key
	run: \|
	gpg_dir=.cr-gpg
	mkdir "$gpg_dir"
	keyring="$gpg_dir/secring.gpg"
	base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring"
	passphrase_file="$gpg_dir/passphrase"
	echo "$GPG_PASSPHRASE" > "$passphrase_file"
	echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV"
	echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV"
	env:
	GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" #Referring secrets of github above
	GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"

	- name: Run chart-releaser
	uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
	id: cr
	env:
	CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
	CR_KEY: "${{ secrets.CR_KEY }}"
	CR_SIGN: true

	- name: Install Cosign
	uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0

	- name: Login to Github Packages
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set version
	run: \|
	set -e
	TAG=${{ github.ref_name }}
	echo "VERSION=${TAG#policy-reporter-chart-v}" >> $GITHUB_ENV

	- name: Push to OCI
	run: \|
	set -e
	output=$(helm push .cr-release-packages/policy-reporter-${{ env.VERSION }}.tgz oci://ghcr.io/${{github.repository_owner}}/charts 2>&1)
	digest=$( echo "$output" \| grep Digest \| cut -c9-)
	echo CR_DIGEST=$digest
	echo "CR_DIGEST=$digest" >> "$GITHUB_ENV"

	- name: Sign Chart
	run: \|
	cosign sign --yes ghcr.io/${{github.repository_owner}}/charts/policy-reporter@${{ env.CR_DIGEST }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(helm): Update Image Tags (#553) #84

Workflow file

chore(helm): Update Image Tags (#553) #84

Jobs

Run details

Workflow file for this run