Skip to content

ci: sign Helm charts for ArtifactHub#307

Merged
KeiaiLab-PHIL merged 1 commit into
mainfrom
codex/helm-signing-publish-fix
Jun 11, 2026
Merged

ci: sign Helm charts for ArtifactHub#307
KeiaiLab-PHIL merged 1 commit into
mainfrom
codex/helm-signing-publish-fix

Conversation

@KeiaiLab-PHIL

@KeiaiLab-PHIL KeiaiLab-PHIL commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

Summary

  • sign OCI Helm chart packages in helm-publish using the configured PGP key so ArtifactHub can report signed=true
  • keep duplicate tag/release publishes idempotent, while workflow_dispatch can republish an existing chart version for backfill
  • extend ArtifactHub smoke retry window based on observed tracker latency
  • update the smoke shell test for strict OCI/version/appVersion/signed validation

Validation

  • bash -n hack/artifacthub_smoke.sh hack/artifacthub_smoke_test.sh
  • bash hack/artifacthub_smoke_test.sh
  • actionlint .github/workflows/helm-publish.yml .github/workflows/artifacthub-verify.yml
  • git diff --check
  • TAG=1.12.4 ARTIFACTHUB_SMOKE_ATTEMPTS=1 bash hack/artifacthub_smoke.sh (expected current live failure: ArtifactHub signed=false before republish)

ci: sign Helm charts for ArtifactHub
302dce2 
Signed-off-by: keiailab <noreply@keiailab.com>
@KeiaiLab-PHIL KeiaiLab-PHIL merged commit 1956e6e into main Jun 11, 2026
12 checks passed
@KeiaiLab-PHIL KeiaiLab-PHIL deleted the codex/helm-signing-publish-fix branch June 11, 2026 00:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@KeiaiLab-PHIL