Skip to content

Commit 645a5e2

Browse files
morrison-sapmorrison-sap
committed
fix: extract chart digest from helm push output
The oras resolve command fails with 'not found' immediately after helm push. Instead, extract the digest directly from helm push output which already contains the digest information (format: 'Digest: sha256:...'). On-behalf-of: Gerald Morrison (SAP) <gerald.morrison@sap.com> Signed-off-by: Gerald Morrison (SAP) <gerald.morrison@sap.com>
1 parent 2caa8a0 commit 645a5e2

File tree

1 file changed

+11
-10
lines changed

1 file changed

+11
-10
lines changed

.github/workflows/kubernetes-controller-new.yml

Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -360,27 +360,28 @@ jobs:
360360
run: oras tag "${IMAGE_NAME}:${VERSION}" latest
361361

362362
- name: Package and push Helm chart
363+
id: chart-push
363364
working-directory: ${{ env.LOCATION }}
364365
env:
365366
VERSION: ${{ needs.build.outputs.version }}
366367
IMAGE_DIGEST: ${{ steps.image-digest.outputs.digest }}
367368
run: |
368369
task helm/package VERSION="${VERSION}" APP_VERSION="${VERSION}" IMAGE_DIGEST="${IMAGE_DIGEST}"
369-
helm push dist/ocm-k8s-toolkit-${VERSION}.tgz oci://${{ env.REGISTRY }}/${{ github.repository_owner }}/kubernetes/controller/chart
370-
371-
- name: Resolve chart digest
372-
id: chart-digest
373-
env:
374-
VERSION: ${{ needs.build.outputs.version }}
375-
run: |
376-
CHART_REPO="${{ env.REGISTRY }}/${{ github.repository_owner }}/kubernetes/controller/chart"
377-
echo "digest=$(oras resolve ${CHART_REPO}:${VERSION})" >> "$GITHUB_OUTPUT"
370+
371+
# Push chart and capture digest from output
372+
PUSH_OUTPUT=$(helm push dist/ocm-k8s-toolkit-${VERSION}.tgz oci://${{ env.REGISTRY }}/${{ github.repository_owner }}/kubernetes/controller/chart 2>&1)
373+
echo "$PUSH_OUTPUT"
374+
375+
# Extract digest from helm push output (format: "Digest: sha256:...")
376+
CHART_DIGEST=$(echo "$PUSH_OUTPUT" | grep -oP 'Digest: \Ksha256:[a-f0-9]+')
377+
echo "digest=${CHART_DIGEST}" >> "$GITHUB_OUTPUT"
378+
echo "✓ Chart pushed with digest: ${CHART_DIGEST}"
378379
379380
- name: Attest chart
380381
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3
381382
with:
382383
github-token: ${{ secrets.GITHUB_TOKEN }}
383-
subject-digest: ${{ steps.chart-digest.outputs.digest }}
384+
subject-digest: ${{ steps.chart-push.outputs.digest }}
384385
subject-name: ${{ env.REGISTRY }}/${{ github.repository_owner }}/kubernetes/controller/chart
385386
push-to-registry: true
386387

0 commit comments

Comments
 (0)