chore: verify ArtifactHub ownership as OCI artifact (#102)

tumido · web-flow · commit 0d63acc92a57 · 2023-05-15T20:38:00.000+02:00
Signed-off-by: Tomas Coufal &lt;tcoufal@redhat.com&gt;
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -48,6 +48,9 @@ jobs:
       - name: Install Cosign
         uses: sigstore/cosign-installer@204a51a57a74d190b284a0ce69b44bc37201f343 #pin@v3.0.3
 
+      - name: Install Oras
+        uses: oras-project/setup-oras@c90396b2ddabd5a364e6551a79984c86cc036996 # v1.0.0
+
       - name: Publish and Sign OCI Charts
         run: |
           for chart in `find .cr-release-packages -name '*.tgz' -print`; do
@@ -56,6 +59,8 @@ jobs:
             chart_name=${file_name%-*}
             digest=$(awk -F "[, ]+" '/Digest/{print $NF}' < helm-push-output.log)
             cosign sign -y "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}@${digest}"
+
+            oras push "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}:artifacthub.io" "./charts/${chart_name}/artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml"
           done
         env:
           COSIGN_EXPERIMENTAL: 1
diff --git a/charts/backstage/Chart.yaml b/charts/backstage/Chart.yaml
@@ -38,4 +38,4 @@ sources:
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.22.3
+version: 0.22.4
diff --git a/charts/backstage/README.md b/charts/backstage/README.md
@@ -1,7 +1,9 @@
 
 # Backstage Helm Chart
 
-![Version: 0.22.3](https://img.shields.io/badge/Version-0.22.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/janus-idp&style=flat-square)](https://artifacthub.io/packages/search?repo=janus-idp)
+![Version: 0.22.4](https://img.shields.io/badge/Version-0.22.4-informational?style=flat-square)
+![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 A Helm chart for deploying a Backstage application
 
diff --git a/charts/backstage/README.md.gotmpl b/charts/backstage/README.md.gotmpl
@@ -2,7 +2,9 @@
 
 {{ template "chart.deprecationWarning" . }}
 
-{{ template "chart.badgesSection" . }}
+[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/janus-idp&style=flat-square)](https://artifacthub.io/packages/search?repo=janus-idp)
+{{ template "chart.versionBadge" . }}
+{{ template "chart.typeBadge" . }}
 
 {{ template "chart.description" . }}
 
diff --git a/charts/backstage/artifacthub-repo.yml b/charts/backstage/artifacthub-repo.yml
@@ -0,0 +1,12 @@
+# Artifact Hub repository metadata file
+#
+# Some settings like the verified publisher flag or the ignored packages won't
+# be applied until the next time the repository is processed. Please keep in
+# mind that the repository won't be processed if it has not changed since the
+# last time it was processed. Depending on the repository kind, this is checked
+# in a different way. For Helm http based repositories, we consider it has
+# changed if the `index.yaml` file changes. For git based repositories, it does
+# when the hash of the last commit in the branch you set up changes. This does
+# NOT apply to ownership claim operations, which are processed immediately.
+#
+repositoryID: b17b52d1-dd33-4328-84bf-259d5ee7546b
