2 Commits

Author SHA1 Message Date
ChristopherHX
4afe065177 chore: add maintainers to the chart 2025-08-20 21:50:40 +00:00
Daan Selen
b2459f322b chore: add maintainers to the chart (#32)
Add my own mainter note to the Chart.yaml

Reviewed-on: https://gitea.com/gitea/helm-actions/pulls/32
Reviewed-by: ChristopherHX <christopherhx@noreply.gitea.com>
Co-authored-by: Daan Selen <dselen@nerthus.nl>
Co-committed-by: Daan Selen <dselen@nerthus.nl>
2025-08-20 20:48:31 +00:00
2 changed files with 70 additions and 61 deletions

View File

@@ -1,68 +1,70 @@
name: check-secrets name: generate-chart
on: on:
push: push:
tags:
- "*"
env:
# renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.17.1"
jobs: jobs:
check-secrets: generate-chart-publish:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: install tools
- name: Check all required secrets
run: | run: |
echo "=== Checking availability of required secrets ===" apt update -y
apt install -y curl ca-certificates curl gnupg
# List of all secrets used in the original workflow # helm
SECRETS=( curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
"GPGSIGN_KEY" tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
"GPGSIGN_PASSPHRASE" mv linux-amd64/helm /usr/local/bin/
"DOCKER_CHARTS_PASSWORD" rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
"DOCKER_CHARTS_USERNAME" helm version
"AWS_KEY_ID" # docker
"AWS_SECRET_ACCESS_KEY" install -m 0755 -d /etc/apt/keyrings
"AWS_REGION" curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
"AWS_S3_BUCKET" chmod a+r /etc/apt/keyrings/docker.gpg
) echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update -y
MISSING_SECRETS=() apt install -y python3 python3-pip apt-transport-https docker-ce-cli
AVAILABLE_SECRETS=() pip install awscli --break-system-packages
for secret in "${SECRETS[@]}"; do - name: Import GPG key
# Check if secret is set (not empty) id: import_gpg
if [ -z "${!secret:-}" ]; then uses: https://github.com/crazy-max/ghaction-import-gpg@v6
echo "❌ Secret '$secret' is NOT available or empty" with:
MISSING_SECRETS+=("$secret") gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
else passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
echo "✅ Secret '$secret' is available" fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
AVAILABLE_SECRETS+=("$secret")
fi # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
done - name: package chart
run: |
echo "" echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
echo "=== Summary ===" # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
echo "Available secrets: ${#AVAILABLE_SECRETS[@]}" helm plugin install https://github.com/pat-s/helm-gpg
echo "Missing secrets: ${#MISSING_SECRETS[@]}" helm dependency build
helm package --version "${GITHUB_REF#refs/tags/v}" ./
if [ ${#MISSING_SECRETS[@]} -gt 0 ]; then mkdir actions
echo "" mv actions*.tgz actions/
echo "Missing secrets:" curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml
for secret in "${MISSING_SECRETS[@]}"; do helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml
echo " - $secret" # push to dockerhub
done echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
echo "" helm push actions/actions-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
echo "❌ Some secrets are missing. Please configure them in repository settings." helm registry logout registry-1.docker.io
exit 1
else - name: aws credential configure
echo "" uses: https://github.com/aws-actions/configure-aws-credentials@v4
echo "✅ All required secrets are available!" with:
fi aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
env: aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
GPGSIGN_KEY: ${{ secrets.GPGSIGN_KEY }} aws-region: ${{ secrets.AWS_REGION }}
GPGSIGN_PASSPHRASE: ${{ secrets.GPGSIGN_PASSPHRASE }}
DOCKER_CHARTS_PASSWORD: ${{ secrets.DOCKER_CHARTS_PASSWORD }} - name: Copy files to S3 and clear cache
DOCKER_CHARTS_USERNAME: ${{ secrets.DOCKER_CHARTS_USERNAME }} run: |
AWS_KEY_ID: ${{ secrets.AWS_KEY_ID }} aws s3 sync actions/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}

View File

@@ -13,7 +13,14 @@ keywords:
sources: sources:
- https://gitea.com/gitea/helm-actions - https://gitea.com/gitea/helm-actions
- https://gitea.com/gitea/act - https://gitea.com/gitea/act
# FIXME:
# maintainers: maintainers:
# https://gitea.com/DaanSelen
- name: Daan Selen
email: dselen@nerthus.nl
# https://gitea.com/ChristopherHX
- name: Christopher Homberger
email: christopher.homberger@web.de
dependencies: [] dependencies: []