Skip to content

Commit

Permalink
test: test image build with chart release
Browse files Browse the repository at this point in the history
  • Loading branch information
@evegufy
evegufy committed Mar 28, 2024
1 parent 9daf6e3 commit d65e118
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/chart-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,7 @@ jobs:
- name: Run chart-releaser
uses: helm/[email protected]

Check warning on line 67 in .github/workflows/chart-release.yaml

View workflow job for this annotation

GitHub Actions / Analyze

[MEDIUM] Unpinned Actions Full Length Commit SHA 

Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
CR_SKIP_EXISTING: "true"

- name: Get current helm chart version
Expand All @@ -92,7 +93,6 @@ jobs:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
if: steps.version-check.outputs.exists == 'false'

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0
Expand Down
4 changes: 2 additions & 2 deletions charts/dim/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@
apiVersion: v2
name: dim
type: application
version: 0.0.3
appVersion: 0.0.3
version: 0.0.4
appVersion: 0.0.4
description: Helm chart for DIM Middle Layer
home: https://github.com/catenax-ng/dim-repo
dependencies:
Expand Down

0 comments on commit d65e118

Please sign in to comment.