Set release version of helm/chart-releaser-action

Rewrite CSR creation into jq to be more robust
Make github release from release/legacy-csr
2026-01-14 07:43:50 +01:00 · 2021-05-26 10:24:25 +02:00 · 2021-05-26 10:24:11 +02:00 · 2021-05-26 09:38:30 +02:00
3 changed files with 24 additions and 21 deletions
--- a/.github/workflows/release-chart.yaml
+++ b/.github/workflows/release-chart.yaml
@@ -4,6 +4,7 @@ on:
  push:
    branches:
      - main
+      - release/legacy-csr
    paths:
      - 'charts/**'

@@ -13,8 +14,6 @@ jobs:
    steps:
      - name: Checkout
        uses: actions/checkout@v1
-        with:
-          ref: main

      - name: Configure Git
        run: |
@@ -47,6 +46,6 @@ jobs:

      - name: Run chart-releaser
        if: steps.helm_version_checker.outcome == 'success'
-        uses: helm/chart-releaser-action@master
+        uses: helm/chart-releaser-action@v1.2.1
        env:
          CR_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
--- a/charts/imagepullsecret-injector/Chart.yaml
+++ b/charts/imagepullsecret-injector/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.20
+version: 0.0.21

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/charts/imagepullsecret-injector/scripts/create-signed-cert.sh
+++ b/charts/imagepullsecret-injector/scripts/create-signed-cert.sh
@@ -83,23 +83,27 @@ echo "Deleting old CertificateSigningRequests"
 kubectl delete csr ${csrName} 2>/dev/null || true

 echo "Creating new CertificateSigningRequests"
-# create  server cert/key CSR and  send to k8s API
-cat <<EOF | kubectl create -f -
-apiVersion: certificates.k8s.io/v1
-kind: CertificateSigningRequest
-metadata:
-  name: ${csrName}
-  namespace: ${namespace}
-spec:
-  signerName: kubernetes.io/kubelet-serving
-  groups:
-  - system:authenticated
-  request: $(< "${tmpdir}"/server.csr base64 | tr -d '\n')
-  usages:
-  - digital signature
-  - key encipherment
-  - server auth
-EOF
+# create server cert/key CSR and  send to k8s API
+jq -n --arg request "$(< "${tmpdir}"/server.csr base64 -w0)" \
+  --arg namespace "$namespace" \
+  --arg csrName "$csrName" '{
+    apiVersion: "certificates.k8s.io/v1beta1",
+    kind: "CertificateSigningRequest",
+    metadata: {
+      name: $csrName,
+      namespace: $namespace
+    },
+    spec: {
+      signerName: "kubernetes.io/kubelet-serving",
+      groups: ["system:authenticated"],
+      request: $request,
+      usages: [
+        "digital signature",
+        "key encipherment",
+        "server auth"
+      ]
+    }
+  }' | kubectl create -f -

 # verify CSR has been created
 while true; do
Author	SHA1	Message	Date
Martin Šalata	56595e3e72	Set release version of helm/chart-releaser-action	2021-05-26 10:24:25 +02:00
Martin Šalata	6c5bd77b69	Rewrite CSR creation into `jq` to be more robust	2021-05-26 10:24:11 +02:00
Martin Šalata	c999960415	Make github release from `release/legacy-csr`	2021-05-26 09:38:30 +02:00