.gitea/workflows/release-version.yml aktualisiert

.gitea/workflows/release-version.yml

@@ -1,70 +1,68 @@
-name: generate-chart
+name: check-secrets
 
 on:
   push:
-    tags:
-      - "*"
-
-env:
-  # renovate: datasource=docker depName=alpine/helm
-  HELM_VERSION: "3.17.1"
 
 jobs:
-  generate-chart-publish:
+  check-secrets:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: install tools
+      
+      - name: Check all required secrets
         run: |
-          apt update -y
+          echo "=== Checking availability of required secrets ==="
-          apt install -y curl ca-certificates curl gnupg
-          # helm
-          curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
-          tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
-          mv linux-amd64/helm /usr/local/bin/
-          rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
-          helm version
-          # docker
-          install -m 0755 -d /etc/apt/keyrings
-          curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
-          chmod a+r /etc/apt/keyrings/docker.gpg
-          echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
-          apt update -y
-          apt install -y python3 python3-pip apt-transport-https docker-ce-cli
-          pip install awscli --break-system-packages
           
-      - name: Import GPG key
+          # List of all secrets used in the original workflow
-        id: import_gpg
+          SECRETS=(
-        uses: https://github.com/crazy-max/ghaction-import-gpg@v6
+            "GPGSIGN_KEY"
-        with:
+            "GPGSIGN_PASSPHRASE"
-          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
+            "DOCKER_CHARTS_PASSWORD"
-          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
+            "DOCKER_CHARTS_USERNAME"
-          fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
+            "AWS_KEY_ID"
+            "AWS_SECRET_ACCESS_KEY"
+            "AWS_REGION"
+            "AWS_S3_BUCKET"
+          )
           
-      # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
+          MISSING_SECRETS=()
-      - name: package chart
+          AVAILABLE_SECRETS=()
-        run: |
-          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
-          # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
-          helm plugin install https://github.com/pat-s/helm-gpg
-          helm dependency build
-          helm package --version "${GITHUB_REF#refs/tags/v}" ./
-          mkdir actions
-          mv actions*.tgz actions/
-          curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml
-          helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml
-          # push to dockerhub
-          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
-          helm push actions/actions-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
-          helm registry logout registry-1.docker.io
           
-      - name: aws credential configure
+          for secret in "${SECRETS[@]}"; do
-        uses: https://github.com/aws-actions/configure-aws-credentials@v4
+            # Check if secret is set (not empty)
-        with:
+            if [ -z "${!secret:-}" ]; then
-          aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
+              echo "❌ Secret '$secret' is NOT available or empty"
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+              MISSING_SECRETS+=("$secret")
-          aws-region: ${{ secrets.AWS_REGION }}
+            else
+              echo "✅ Secret '$secret' is available"
+              AVAILABLE_SECRETS+=("$secret")
+            fi
+          done
           
-      - name: Copy files to S3 and clear cache
+          echo ""
-        run: |
+          echo "=== Summary ==="
-          aws s3 sync actions/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
+          echo "Available secrets: ${#AVAILABLE_SECRETS[@]}"
+          echo "Missing secrets: ${#MISSING_SECRETS[@]}"
+          
+          if [ ${#MISSING_SECRETS[@]} -gt 0 ]; then
+            echo ""
+            echo "Missing secrets:"
+            for secret in "${MISSING_SECRETS[@]}"; do
+              echo "  - $secret"
+            done
+            echo ""
+            echo "❌ Some secrets are missing. Please configure them in repository settings."
+            exit 1
+          else
+            echo ""
+            echo "✅ All required secrets are available!"
+          fi
+        env:
+          GPGSIGN_KEY: ${{ secrets.GPGSIGN_KEY }}
+          GPGSIGN_PASSPHRASE: ${{ secrets.GPGSIGN_PASSPHRASE }}
+          DOCKER_CHARTS_PASSWORD: ${{ secrets.DOCKER_CHARTS_PASSWORD }}
+          DOCKER_CHARTS_USERNAME: ${{ secrets.DOCKER_CHARTS_USERNAME }}
+          AWS_KEY_ID: ${{ secrets.AWS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_REGION: ${{ secrets.AWS_REGION }}
+          AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}