feat: add NetworkPolicy (#357) #233
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Charts | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| release: | |
| permissions: | |
| contents: write # for pushing to gh-pages (HTTPS Helm repository) | |
| packages: write # for pushing to GHCR (OCI Helm repository) | |
| id-token: write # for signing with keyless cosign | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Cosign | |
| uses: sigstore/[email protected] | |
| - name: Configure Git | |
| run: | | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "[email protected]" | |
| - name: Add Helm repositories | |
| run: | | |
| helm repo add dandydev https://dandydeveloper.github.io/charts | |
| - name: Run chart-releaser | |
| uses: helm/[email protected] | |
| with: | |
| charts_dir: helm | |
| env: | |
| CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| CR_GENERATE_RELEASE_NOTES: true | |
| # See https://github.com/helm/chart-releaser/issues/183 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push Charts to GHCR and Sign | |
| run: | | |
| shopt -s nullglob | |
| for pkg in .cr-release-packages/*; do | |
| if [ -z "${pkg:-}" ]; then | |
| break | |
| fi | |
| chart_name=$(echo "${pkg##*/}" | sed 's/-[0-9].*$//') | |
| repo="ghcr.io/${GITHUB_REPOSITORY_OWNER}/charts" | |
| helm push "${pkg}" "oci://${repo}" |& grep Digest: | awk '{print $NF}' > digest.txt | |
| cosign sign --yes "${repo}/${chart_name}@$(cat digest.txt)" | |
| done |