Update fetch_helm_deps.sh

Signed-off-by: Kjeld Schouten <kjeld@schouten-lebbing.nl>
This commit is contained in:
Kjeld Schouten 2023-05-07 13:14:59 +02:00 committed by GitHub
parent febda82bb2
commit 5120931092
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 4 deletions

View File

@ -21,6 +21,17 @@ trains=(
"dependency" "dependency"
) )
load_gpg_key() {
echo ""
echo "⏬ Downloading and Loading TrueCharts pgp Public Key"
gpg_dir=.cr-gpg
mkdir "$gpg_dir"
curl https://keybase.io/hashicorp/pgp_keys.asc | gpg --dearmor > $gpg_dir/pubring.gpg || echo "❌ Couldn't load Public Key." && exit 1
echo "✅ Public Key loaded successfully..."
echo ""
}
export -f load_gpg_key
download_deps() { download_deps() {
local train_chart="$1" local train_chart="$1"
@ -86,19 +97,20 @@ for idx in $(eval echo "{0..$length}"); do
mkdir -p "$cache_path/$repo_dir" mkdir -p "$cache_path/$repo_dir"
wget --quiet "$dep_url" -P "$cache_path/$repo_dir" wget --quiet "$dep_url" -P "$cache_path/$repo_dir"
wget --quiet "$dep_url.prov" -P "$cache_path/$repo_dir" wget --quiet "$dep_url.prov" -P "$cache_path/$repo_dir"
if [ ! $? ]; then if [ ! $? ]; then
echo "❌ wget encountered an error..." echo "❌ wget encountered an error..."
helm dependency build "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/secring.gpg || helm dependency update "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/secring.gpg || exit 1 helm dependency build "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/pubring.gpg || helm dependency update "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/pubring.gpg || exit 1
fi fi
if [ -f "$cache_path/$repo_dir/$name-$version.tgz" ]; then if [ -f "$cache_path/$repo_dir/$name-$version.tgz" ]; then
echo "✅ Dependency Downloaded!" echo "✅ Dependency Downloaded!"
echo "Validating dependency signature..." echo "Validating dependency signature..."
helm verify $cache_path/$repo_dir/$name-$version.tgz --keyring $gpg_dir/secring.gpg || helm verify $cache_path/$repo_dir/$name-$version.tgz --keyring $gpg_dir/secring.gpg || echo "❌ Failed to verify dependency chart signature" && exit 1 helm verify $cache_path/$repo_dir/$name-$version.tgz --keyring $gpg_dir/pubring.gpg || helm verify $cache_path/$repo_dir/$name-$version.tgz --keyring $gpg_dir/pubring.gpg || echo "❌ Failed to verify dependency chart signature" && exit 1
else else
echo "❌ Failed to download dependency" echo "❌ Failed to download dependency"
# Try helm dependency build/update or otherwise fail fast if a dep fails to download... # Try helm dependency build/update or otherwise fail fast if a dep fails to download...
helm dependency build "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/secring.gpg || helm dependency update "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/secring.gpg || exit 1 helm dependency build "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/pubring.gpg || helm dependency update "$charts_path/$train_chart/Chart.yaml" --verify --keyring $gpg_dir/pubring.gpg || exit 1
fi fi
fi fi
echo "" echo ""
@ -118,7 +130,9 @@ for idx in $(eval echo "{0..$length}"); do
fi fi
done done
} }
export -f download_deps export -f
load_gpg_key
if [ -z "$1" ]; then if [ -z "$1" ]; then
for train in "${trains[@]}"; do for train in "${trains[@]}"; do