Skip to content

Commit

Permalink
chore: verify ArtifactHub ownership as OCI artifact (#102)
Browse files Browse the repository at this point in the history
Signed-off-by: Tomas Coufal <tcoufal@redhat.com>
  • Loading branch information
tumido authored May 15, 2023
1 parent 1d5bd60 commit 0d63acc
Show file tree
Hide file tree
Showing 5 changed files with 24 additions and 3 deletions.
5 changes: 5 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,9 @@ jobs:
- name: Install Cosign
uses: sigstore/cosign-installer@204a51a57a74d190b284a0ce69b44bc37201f343 #pin@v3.0.3

- name: Install Oras
uses: oras-project/setup-oras@c90396b2ddabd5a364e6551a79984c86cc036996 # v1.0.0

- name: Publish and Sign OCI Charts
run: |
for chart in `find .cr-release-packages -name '*.tgz' -print`; do
Expand All @@ -56,6 +59,8 @@ jobs:
chart_name=${file_name%-*}
digest=$(awk -F "[, ]+" '/Digest/{print $NF}' < helm-push-output.log)
cosign sign -y "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}@${digest}"
oras push "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}:artifacthub.io" "./charts/${chart_name}/artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml"
done
env:
COSIGN_EXPERIMENTAL: 1
2 changes: 1 addition & 1 deletion charts/backstage/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,4 +38,4 @@ sources:
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.22.3
version: 0.22.4
4 changes: 3 additions & 1 deletion charts/backstage/README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@

# Backstage Helm Chart

![Version: 0.22.3](https://img.shields.io/badge/Version-0.22.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/janus-idp&style=flat-square)](https://artifacthub.io/packages/search?repo=janus-idp)
![Version: 0.22.4](https://img.shields.io/badge/Version-0.22.4-informational?style=flat-square)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)

A Helm chart for deploying a Backstage application

Expand Down
4 changes: 3 additions & 1 deletion charts/backstage/README.md.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@

{{ template "chart.deprecationWarning" . }}

{{ template "chart.badgesSection" . }}
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/janus-idp&style=flat-square)](https://artifacthub.io/packages/search?repo=janus-idp)
{{ template "chart.versionBadge" . }}
{{ template "chart.typeBadge" . }}

{{ template "chart.description" . }}

Expand Down
12 changes: 12 additions & 0 deletions charts/backstage/artifacthub-repo.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Artifact Hub repository metadata file
#
# Some settings like the verified publisher flag or the ignored packages won't
# be applied until the next time the repository is processed. Please keep in
# mind that the repository won't be processed if it has not changed since the
# last time it was processed. Depending on the repository kind, this is checked
# in a different way. For Helm http based repositories, we consider it has
# changed if the `index.yaml` file changes. For git based repositories, it does
# when the hash of the last commit in the branch you set up changes. This does
# NOT apply to ownership claim operations, which are processed immediately.
#
repositoryID: b17b52d1-dd33-4328-84bf-259d5ee7546b

0 comments on commit 0d63acc

Please sign in to comment.