bump tsa chart for timestamp-server v1.2.3 release (#841) #552

Summary
Jobs
- release
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/release.yml at 8994bfd

	name: Release Charts

	on:
	push:
	branches:
	- main
	paths:
	- "charts/**"

	jobs:
	release:
	runs-on: ubuntu-latest

	permissions:
	contents: write
	packages: write
	id-token: write

	steps:
	- name: Checkout
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
	with:
	fetch-depth: 0

	- name: Configure Git
	run: \|
	git config user.name "$GITHUB_ACTOR"
	git config user.email "[email protected]"

	- name: Set up Helm
	uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0

	- name: Add dependency chart repos
	run: \|
	helm repo add sigstore https://sigstore.github.io/helm-charts

	- name: Install sigstore Helm plugin
	run: \|
	helm plugin install https://github.com/sigstore/helm-sigstore

	- name: Install GPG Keys
	run: \|
	cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") \| gpg --import --batch
	gpg --export > /home/runner/.gnupg/pubring.gpg
	gpg --export-secret-keys > /home/runner/.gnupg/secring.gpg

	- name: Run chart-releaser
	uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
	env:
	CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
	CR_SIGN: "true"
	CR_KEY: "${{ secrets.GPG_KEY_NAME }}"
	CR_KEYRING: "/home/runner/.gnupg/secring.gpg"

	- name: Upload Helm Charts to Rekor
	run: \|
	for chart in `find .cr-release-packages -name '*.tgz' -print`; do
	helm sigstore upload --keyring=/home/runner/.gnupg/secring.gpg ${chart}
	done

	- name: Login to GitHub Container Registry
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Install Cosign
	uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0

	- name: Publish and Sign OCI Charts
	run: \|
	for chart in `find .cr-release-packages -name '*.tgz' -print`; do
	helm push ${chart} oci://ghcr.io/${GITHUB_REPOSITORY} \|& tee helm-push-output.log
	file_name=${chart##*/}
	chart_name=${file_name%-*}
	digest=$(awk -F "[, ]+" '/Digest/{print $NF}' < helm-push-output.log)
	cosign sign "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}@${digest}"
	done
	env:
	COSIGN_YES: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bump tsa chart for timestamp-server v1.2.3 release (#841) #552

Workflow file

bump tsa chart for timestamp-server v1.2.3 release (#841) #552

Jobs

Run details

Workflow file for this run