Update GPG key reference in Helm package command to use specific signing key

Add step to display GPG keys in CI environment
Add error handling to legacy secret-keyring build step
2025-05-12 23:04:25 +02:00 · 2025-05-12 23:02:48 +02:00 · 2025-05-12 22:50:14 +02:00 · 2025-05-12 22:41:15 +02:00 · 2025-05-12 22:21:31 +02:00 · 2025-05-12 22:19:21 +02:00
2 changed files with 36 additions and 10 deletions
--- a/.gitea/workflows/package-and-deploy.yaml
+++ b/.gitea/workflows/package-and-deploy.yaml
@@ -31,13 +31,20 @@ jobs:
          passphrase: ${{ secrets.GPG_PASSPHRASE }}
          trust_level: 5

+      - name: Show keys in runner
+        run: |
+          echo "🔑  Keys inside CI:"
+          gpg --list-secret-keys --keyid-format LONG
+
      # 4) “Generation‑1”‑Secret‑Ring für Helm erzeugen (TMP, 600 Rechte)
      - name: Build legacy secret-keyring
        run: |
+          set -euo pipefail
          install -m 700 -d /tmp/gpgring
-          gpg --batch --pinentry-mode loopback \
+          gpg --batch --yes --pinentry-mode loopback \
+              --passphrase "$PASSPHRASE" \
              --export-secret-keys "$GPG_KEY_ID" \
-              --output /tmp/gpgring/secring.gpg
+              >/tmp/gpgring/secring.gpg
          chmod 600 /tmp/gpgring/secring.gpg
          echo "$PASSPHRASE" > /tmp/gpgring/passphrase.txt
          chmod 600 /tmp/gpgring/passphrase.txt
@@ -50,7 +57,7 @@ jobs:
          helm package "$CHART_DIR" \
               --version "$CHART_VERSION" \
               --sign \
-               --key "$GPG_KEY_ID" \
+               --key "Morlana Signing" \
               --keyring /tmp/gpgring/secring.gpg \
               --passphrase-file /tmp/gpgring/passphrase.txt

--- a/pubkeys/morlana.asc
+++ b/pubkeys/morlana.asc
@@ -1,10 +1,29 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----

-mDMEaBxO9xYJKwYBBAHaRw8BAQdA/7OLLFRkqsTzyufHwHVgB7M6XoX9+df8qCvi
-u5xQM7i0OE1vcmxhbmEgQ0kgU2lnbmluZyBLZXkgPGNvbnRhY3QrZGV2ZWxvcG1l
-bnRAbW9ybGFuYS5uZXQ+iJYEExYIAD4WIQS84h7qJd4UtBgZbaH/b3JG+qmcMAUC
-aBxO9wIbAwUJAeEzgAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRD/b3JG+qmc
-MLuMAQDM/CPa1DO31dmcI5Xtt9uK3svdv3mZl5GGqqTylcYTXgD+LL4/OPp7XHx+
-WTf9NitfTlwpRKJJWec7vp2NG0NQ8wg=
-=ACKv
+mQINBGgiWykBEACtiiNGno+ZL99rI0qP98Ei+HNcs/MgBWqjPa3/nYv6wK1FVEhu
+95w/4Oh/EBEP7vuq5lDfC2JQHiif6AHu4tBB6V2Hx3XLyZE9HY+7SuqIWzeGGr2F
+GlD8GkEQ4/HtdHDK+htFUgTPrzW7f/ax5pgvvzAXQcXnC6fIOGsd2IJO0LoEjhTn
+KJQqEOgPqGjyfND9+3bfscLJi2CSK23pWz30f1sTzqLM4eMN7poXGqjwjtyKwGog
+j66t6Na6A/B3AU9QPP5BB1/Qj09FVsd/InLsyelULG1fZmY0wx2/wiE0VNhenjGa
+EejCp8oHieZ++x811ux6wROdJc38HC5lJfXhyob3yJ2OXeGBYnZG8PrT2CqJpTXz
+W/5kDVYAyKOh2iiPGADGlMOajnyCgtRI9YEsKYybxlRW7vuvh7ItHb7/iplbamgx
+RUrxiJGDMTEENsePTQq4pGOblXptw6PiIogGv9kWJ9WaEIbbAlFJmAIOh2JXRF+Y
+JgaCzUjUNRv/z3P5Ymwd2qYxp+RO8QVCPs+/PAqL0BgwCFQXhOC5Yez3/89D5tKy
+UOMBxK+xP3i7mj5C6BZa+1ChMdN9yUYpGKVfm16xLVrGBbwWZI6YB4qF+3n4qUtp
+Ld7CVEzPVarftb8UpIaqAO/R/MYPUAJeKCykHrlaaOqkj3Dhacqgl+h9FQARAQAB
+tDFNb3JsYW5hIFNpZ25pbmcgPGNvbnRhY3QrZGV2ZWxvcG1lbnRAbW9ybGFuYS5u
+ZXQ+iQJOBBMBCgA4FiEEiXVuIB5MmbGi6VcS333yWc2PyqoFAmgiWykCGwMFCwkI
+BwIGFQoJCAsCBBYCAwECHgECF4AACgkQ333yWc2PyqrhXA//SnEa+hG0hIAB4Ua/
+qgqv/7nzpRIFAA5tqSoOPZ0p4YvtsSywc7zJ+ZH7IClvlewOo0Omeo4XiYQCLYSL
+LnYv/yqrWVNU35TI29k2RTE4pmcHB9hMdG8heI2c5O3vd9C4yQCWwWKMSD3pEPrq
+aLkHkQvLyXZukBeMzNFaVK4wOjPB02MadQLIu9rbUbKW9DvUmt/x8uBVmm/Pq4Ds
+HBgxdnOifEhzMG2gG+4UJYt2jfibMwCJpM4d/drs28Qf9dhjj1UHzhhwBW3OpJkJ
+E+hHVMObzolefh4eR3gPctIkxuVjYC91FVZkqVV3TgrLKhfgro5ML7IFgCnzHVuZ
+PKJsssNZds+2Sv/nf2QtXcGvQgZ3xjNlaQUxE0WTGe+DKx4pMyxx4s+eNYGhA5Yo
+rrb9on8TfDNaexU0BDUyt3DLQVxk8niqQPmj9jmD+BrsjWnj7Dn1yCgjre/viZjH
+Ys8AHwxSu4qh3XBtjUQ9YDhUMmNqIOtJHiVp97kWbLbQ7CiCI+/7IT6Pk50+GzXV
+KaTRfEp6zxpMx2wgsw4CP7aKukLrIFWxDNyQ+030c8TQW8WuL1W3oTzh0iu7DCgR
+XVmgS6+YAbxjX/gAD0Dx3jLftQ2Y3PGMWPXtZmtZucIFhg1ArmYb2v1n8sWMi+cK
+k/0Bxc8p29/H9s7dv5pVyrx2fcM=
+=o6F8
 -----END PGP PUBLIC KEY BLOCK-----
Author	SHA1	Message	Date
Florian	fe12222722	Update GPG key reference in Helm package command to use specific signing key Some checks failed Package & Sign Helm Chart / build (release) Failing after 14s Details	2025-05-12 23:04:25 +02:00
Florian	be91c9677a	Add step to display GPG keys in CI environment Some checks failed Package & Sign Helm Chart / build (release) Failing after 12s Details	2025-05-12 23:02:48 +02:00
Florian	33fbe9e443	Add error handling to legacy secret-keyring build step Some checks failed Package & Sign Helm Chart / build (release) Failing after 13s Details	2025-05-12 22:50:14 +02:00
Florian	c09e1a2978	Update PGP public key block with new key data Some checks failed Package & Sign Helm Chart / build (release) Failing after 29s Details	2025-05-12 22:41:15 +02:00
Florian	337b9e9f0b	Fix GPG command to include passphrase for secret key export in package-and-deploy workflow Some checks failed Package & Sign Helm Chart / build (release) Failing after 20s Details	2025-05-12 22:21:31 +02:00
Florian	91bb7a4fd1	Enhance GPG command in secret-keyring build step with additional flags for improved functionality Some checks failed Package & Sign Helm Chart / build (release) Failing after 28s Details	2025-05-12 22:19:21 +02:00
Florian	005aab7ec9	Fix GPG command to use batch mode for secret-keyring build step Some checks failed Package & Sign Helm Chart / build (release) Failing after 36s Details	2025-05-12 22:16:55 +02:00
Florian	c2ccd5e27f	Fix GPG command to remove unnecessary batch flag in secret-keyring build step Some checks failed Package & Sign Helm Chart / build (release) Failing after 25s Details	2025-05-12 22:12:50 +02:00
Florian	7cf5f43299	Fix output redirection syntax for GPG secret key export in package-and-deploy workflow Some checks failed Package & Sign Helm Chart / build (release) Failing after 22s Details	2025-05-12 22:08:58 +02:00