commented helm hooks testing, updated workflow back to use notation

vponoikoait · Jan 18, 2024 · dc7e431 · dc7e431
1 parent 1aba1ba
commit dc7e431
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 55 deletions.
diff --git a/.github/workflows/build-deploy-workflow.yml b/.github/workflows/build-deploy-workflow.yml
@@ -42,12 +42,12 @@ jobs:
           export AWS_REGION=${{ secrets.AWS_REGION }}
           cosign generate-key-pair --kms awskms:///alias/${{ secrets.AWS_CMK_ID }}
           cosign sign --key awskms:///alias/${{ secrets.AWS_CMK_ID }} ${{ secrets.ECR_REGISTRY_NAME }}:$GITHUB_SHA --upload=true --tlog-upload=false
-#      - name: Sign Image | Cosign Verify Image
-#        run: |
-#          cosign verify --key awskms:///alias/${{ secrets.AWS_CMK_ID }} ${{ secrets.ECR_REGISTRY_NAME }}:$GITHUB_SHA --private-infrastructure
-#      - name: Sign Image | Signer Sign Image
-#        run: |
-#          notation sign ${{ secrets.ECR_REGISTRY_NAME }}:$GITHUB_SHA --plugin "com.amazonaws.signer.notation.plugin" --id "arn:aws:signer:${{ secrets.AWS_REGION }}:${{ secrets.AWS_ACCOUNT_ID }}:/signing-profiles/vponoiko_test20240115132817707100000001"
+      - name: Sign Image | Cosign Verify Image
+        run: |
+          cosign verify --key awskms:///alias/${{ secrets.AWS_CMK_ID }} ${{ secrets.ECR_REGISTRY_NAME }}:$GITHUB_SHA --private-infrastructure
+      - name: Sign Image | Signer Sign Image
+        run: |
+          notation sign ${{ secrets.ECR_REGISTRY_NAME }}:$GITHUB_SHA --plugin "com.amazonaws.signer.notation.plugin" --id "arn:aws:signer:${{ secrets.AWS_REGION }}:${{ secrets.AWS_ACCOUNT_ID }}:/signing-profiles/vponoiko_test20240115132817707100000001"
   deploy:
     needs: build
     runs-on: self-hosted

diff --git a/k8s/chart/templates/job.yaml b/k8s/chart/templates/job.yaml
@@ -45,52 +45,52 @@ spec:
   {{- with .Values.backoffLimit }}
   backoffLimit: {{ . }}
   {{- end }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ include "chart.fullname" . }}-{{ .Release.Revision }}-hook
-  annotations:
-    "helm.sh/hook": pre-upgrade
-    "helm.sh/hook-weight": "-5"
-    "helm.sh/hook-delete-policy": hook-succeeded
-  labels:
-    {{- include "chart.labels" . | nindent 4 }}
-spec:
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "chart.labels" . | nindent 8 }}
-        {{- with .Values.podLabels }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "chart.serviceAccountName" . }}
-      securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
-      containers:
-        - name: {{ .Chart.Name }}
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          command: ["exit"]
-          args: ["1"]
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          {{- with .Values.volumeMounts }}
-          volumeMounts:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-      restartPolicy: OnFailure
-  {{- with .Values.backoffLimit }}
-  backoffLimit: {{ . }}
-  {{- end }}
+{{/*---*/}}
+{{/*apiVersion: batch/v1*/}}
+{{/*kind: Job*/}}
+{{/*metadata:*/}}
+{{/*  name: {{ include "chart.fullname" . }}-{{ .Release.Revision }}-hook*/}}
+{{/*  annotations:*/}}
+{{/*    "helm.sh/hook": pre-upgrade*/}}
+{{/*    "helm.sh/hook-weight": "-5"*/}}
+{{/*    "helm.sh/hook-delete-policy": hook-succeeded*/}}
+{{/*  labels:*/}}
+{{/*    {{- include "chart.labels" . | nindent 4 }}*/}}
+{{/*spec:*/}}
+{{/*  template:*/}}
+{{/*    metadata:*/}}
+{{/*      {{- with .Values.podAnnotations }}*/}}
+{{/*      annotations:*/}}
+{{/*        {{- toYaml . | nindent 8 }}*/}}
+{{/*      {{- end }}*/}}
+{{/*      labels:*/}}
+{{/*        {{- include "chart.labels" . | nindent 8 }}*/}}
+{{/*        {{- with .Values.podLabels }}*/}}
+{{/*        {{- toYaml . | nindent 8 }}*/}}
+{{/*        {{- end }}*/}}
+{{/*    spec:*/}}
+{{/*      {{- with .Values.imagePullSecrets }}*/}}
+{{/*      imagePullSecrets:*/}}
+{{/*        {{- toYaml . | nindent 8 }}*/}}
+{{/*      {{- end }}*/}}
+{{/*      serviceAccountName: {{ include "chart.serviceAccountName" . }}*/}}
+{{/*      securityContext:*/}}
+{{/*        {{- toYaml .Values.podSecurityContext | nindent 8 }}*/}}
+{{/*      containers:*/}}
+{{/*        - name: {{ .Chart.Name }}*/}}
+{{/*          securityContext:*/}}
+{{/*            {{- toYaml .Values.securityContext | nindent 12 }}*/}}
+{{/*          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"*/}}
+{{/*          imagePullPolicy: {{ .Values.image.pullPolicy }}*/}}
+{{/*          command: ["exit"]*/}}
+{{/*          args: ["1"]*/}}
+{{/*          resources:*/}}
+{{/*            {{- toYaml .Values.resources | nindent 12 }}*/}}
+{{/*          {{- with .Values.volumeMounts }}*/}}
+{{/*          volumeMounts:*/}}
+{{/*            {{- toYaml . | nindent 12 }}*/}}
+{{/*          {{- end }}*/}}
+{{/*      restartPolicy: OnFailure*/}}
+{{/*  {{- with .Values.backoffLimit }}*/}}
+{{/*  backoffLimit: {{ . }}*/}}
+{{/*  {{- end }}*/}}