Skip to content

Commit

Permalink
wip
Browse files Browse the repository at this point in the history
Signed-off-by: Ahmed AbouZaid <[email protected]>
  • Loading branch information
aabouzaid committed Oct 11, 2024
1 parent cdb8bee commit 062ecd7
Show file tree
Hide file tree
Showing 2 changed files with 50 additions and 34 deletions.
65 changes: 38 additions & 27 deletions .github/workflows/chart-release-candidate.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,43 +4,54 @@ on:
push:
branches:
- release-candidate*
- 2404-aa-update-rc-workflow

jobs:
release:
name: Release Candidate
uses: ./.github/workflows/chart-release-template.yaml
with:
branch: ${{ github.ref_name }}
workflow-ref: "camunda/camunda-platform-helm/.github/workflows/chart-release-template.yaml@refs/heads/2404-aa-update-rc-workflow"
# chart-matrix: |
# [
# {
# "name": "Helm Chart RC - 8.2",
# "directory": "charts/camunda-platform-8.2",
# "versionSuffix": "rc-8.2",
# "override": true
# },
# {
# "name": "Helm Chart RC - 8.3",
# "directory": "charts/camunda-platform-8.3",
# "versionSuffix": "rc-8.3",
# "override": true
# },
# {
# "name": "Helm Chart RC - 8.4",
# "directory": "charts/camunda-platform-8.4",
# "versionSuffix": "rc-8.4",
# "override": true
# },
# {
# "name": "Helm Chart RC - 8.5",
# "directory": "charts/camunda-platform-8.5",
# "versionSuffix": "rc-8.5",
# "override": true
# },
# {
# "name": "Helm Chart RC - 8.6",
# "directory": "charts/camunda-platform-8.6",
# "versionSuffix": "rc-8.6",
# "override": true
# }
# ]
chart-matrix: |
[
{
"name": "Helm Chart rolling - 8.2",
"name": "Helm Chart RC - 8.2",
"directory": "charts/camunda-platform-8.2",
"versionSuffix": "rc-8.2",
"override": true
},
{
"name": "Helm Chart rolling - 8.3",
"directory": "charts/camunda-platform-8.3",
"versionSuffix": "rc-8.3",
"override": true
},
{
"name": "Helm Chart rolling - 8.4",
"directory": "charts/camunda-platform-8.4",
"versionSuffix": "rc-8.4",
"override": true
},
{
"name": "Helm Chart rolling - 8.5",
"directory": "charts/camunda-platform-8.5",
"versionSuffix": "rc-8.5",
"override": true
},
{
"name": "Helm Chart rolling - 8.6",
"directory": "charts/camunda-platform-8.6",
"versionSuffix": "rc-8.6",
"versionSuffix": "test-8.2",
"override": true
}
]
]
19 changes: 12 additions & 7 deletions .github/workflows/chart-release-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ on:
description: List of charts to release.
required: true
type: string
workflow-ref:
description: The reference of the workflow which will be used sign the chart OCI artifact in keyless mode.
required: true
type: string
chart-matrix:
description: List of charts to release.
required: true
Expand Down Expand Up @@ -134,13 +138,14 @@ jobs:
run: |
cosign sign-blob -y ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.tgz \
--bundle ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.cosign.bundle
# - name: Verify signed Helm chart with Cosign
# if: env.PUBLISH_ARTIFACT == 'true'
# run: |
# cosign verify-blob ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.tgz \
# --bundle ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.cosign.bundle \
# --certificate-identity "https://github.com/${GITHUB_WORKFLOW_REF}" \
# --certificate-oidc-issuer "https://token.actions.githubusercontent.com"
- name: Verify signed Helm chart with Cosign
if: env.PUBLISH_ARTIFACT == 'true'
run: |
cosign verify-blob -d ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.tgz \
--bundle ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.cosign.bundle \
--certificate-identity "https://github.com/${{ inputs.workflow-ref }}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
--certificate-github-workflow-ref="${{ inputs.workflow-ref }}"
- name: Login to GitHub Container Registry
if: env.PUBLISH_ARTIFACT == 'true'
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
Expand Down

0 comments on commit 062ecd7

Please sign in to comment.