chore(deps): update gcr.io/kubebuilder/kube-rbac-proxy docker tag to … #362
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Build | |
| on: | |
| push: | |
| branches-ignore: | |
| - "gh-pages" | |
| paths-ignore: | |
| - ".github/workflows/**" | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| name: Build Helm charts | |
| runs-on: ubuntu-22.04 | |
| environment: Production | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - chart_name: self-host | |
| - chart_name: sm-operator | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Set up Helm | |
| uses: Azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 | |
| with: | |
| version: 'v3.13.1' | |
| - name: Login to Azure - CI Subscription | |
| uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 | |
| with: | |
| creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} | |
| - name: Set up GPG key and passphrase | |
| run: | | |
| az keyvault secret download \ | |
| --vault-name bitwarden-ci \ | |
| --name helm-signing-gpg-private-key \ | |
| --file private | |
| az keyvault secret download \ | |
| --vault-name bitwarden-ci \ | |
| --name helm-signing-gpg-private-key-passphrase \ | |
| --file .passphrase | |
| az keyvault secret download \ | |
| --vault-name bitwarden-ci \ | |
| --name helm-signing-gpg-public-key \ | |
| --file public | |
| gpg --dearmor private | |
| gpg --dearmor public | |
| - name: Package Helm chart | |
| id: helm_package | |
| run: | | |
| helm package \ | |
| --sign \ | |
| --key "DevOps Team" \ | |
| --keyring private.gpg \ | |
| --passphrase-file .passphrase \ | |
| charts/${{ matrix.chart_name }} | |
| PKG_NAME=$(ls *.tgz) | |
| echo "name=$PKG_NAME" >> "$GITHUB_OUTPUT" | |
| - name: Verify Helm chart | |
| run: helm verify ${{ steps.helm_package.outputs.name }} --keyring public.gpg | |
| - name: Upload Helm chart artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: ${{ matrix.chart_name }} | |
| path: | | |
| ${{ steps.helm_package.outputs.name }} | |
| ${{ steps.helm_package.outputs.name }}.prov | |
| if-no-files-found: error |