This is an automated email from the ASF dual-hosted git repository.
pingtimeout pushed a commit to branch release/1.3.x
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/release/1.3.x by this push:
new c940ded0f Update release workflows to use the new GPG private key
(1.3.x branch) (#3400)
c940ded0f is described below
commit c940ded0f6be44d58ac6f0b6606c41cb08b53304
Author: Pierre Laporte <[email protected]>
AuthorDate: Fri Jan 9 15:02:49 2026 +0100
Update release workflows to use the new GPG private key (1.3.x branch)
(#3400)
* Update release workflows to use the new GPG private key
* Fix helm unittest for GH action (#3279)
---------
Co-authored-by: Yong Zheng <[email protected]>
---
.github/workflows/helm.yml | 3 ++-
.../workflows/release-3-build-and-publish-artifacts.yml | 17 +++++------------
2 files changed, 7 insertions(+), 13 deletions(-)
diff --git a/.github/workflows/helm.yml b/.github/workflows/helm.yml
index cdfbe16a6..dd0dd5c14 100644
--- a/.github/workflows/helm.yml
+++ b/.github/workflows/helm.yml
@@ -76,7 +76,8 @@ jobs:
- name: Run Helm unit tests
run: |
- helm plugin install
https://github.com/helm-unittest/helm-unittest.git || true
+ # Pin version to 1.0.2 due to
https://github.com/helm-unittest/helm-unittest/issues/790
+ helm plugin install
https://github.com/helm-unittest/helm-unittest.git --version 1.0.2 || true
helm unittest helm/polaris
- name: Run chart-testing (lint)
diff --git a/.github/workflows/release-3-build-and-publish-artifacts.yml
b/.github/workflows/release-3-build-and-publish-artifacts.yml
index f6d74ac8c..1fee3631b 100644
--- a/.github/workflows/release-3-build-and-publish-artifacts.yml
+++ b/.github/workflows/release-3-build-and-publish-artifacts.yml
@@ -141,8 +141,7 @@ jobs:
- name: Import GPG key
uses:
crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
with:
- gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
- passphrase: ${{ secrets.GPG_PASSPHRASE }}
+ gpg_private_key: ${{ secrets.POLARIS_GPG_PRIVATE_KEY }}
git_user_signingkey: true
git_commit_gpgsign: true
@@ -336,28 +335,22 @@ jobs:
- name: Import GPG key
uses:
crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
with:
- gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
- passphrase: ${{ secrets.GPG_PASSPHRASE }}
+ gpg_private_key: ${{ secrets.POLARIS_GPG_PRIVATE_KEY }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: Create Helm package
- env:
- GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
- echo "::add-mask::$GPG_PASSPHRASE"
-
source "${LIBS_DIR}/_exec.sh"
# Make sure these files are always deleted
- trap "rm -f /tmp/secring.gpg /tmp/pubring.gpg /tmp/passphrase" EXIT
+ trap "rm -f /tmp/secring.gpg /tmp/pubring.gpg" EXIT
- echo "$GPG_PASSPHRASE" > /tmp/passphrase
- gpg --batch --pinentry-mode loopback --passphrase-file
/tmp/passphrase --export-secret-keys > /tmp/secring.gpg
+ gpg --batch --pinentry-mode loopback --export-secret-keys >
/tmp/secring.gpg
gpg --batch --pinentry-mode loopback --export > /tmp/pubring.gpg
exec_process cd helm
- exec_process helm package polaris --sign --key "." --keyring
/tmp/secring.gpg --passphrase-file /tmp/passphrase
+ exec_process helm package polaris --sign --key "." --keyring
/tmp/secring.gpg
exec_process helm verify polaris-${version_without_rc}.tgz --keyring
/tmp/pubring.gpg
calculate_sha512 polaris-${version_without_rc}.tgz
