sigstore / helm-charts

Helm charts for sigstore project
Apache License 2.0

Related to helm sign #685

Closed dk03051996 closed 8 months ago

dk03051996 commented 9 months ago

Question

Hi, I tried to follow your GitHub Actions workflow to sign a Helm chart. I am able to import the GPG key successfully in the runner. While signing with Helm, it throws an error: private key not found. I tried giving the private key as a secret and hardcoding the values directly or with "". The error is the same. Can you help me confirm that you are using the same command to export the GPG key from your system that you are saving in the GitHub secret? I am using the command below to export and save that key in the GitHub secret.

Below is the GitHub Action, similar to your GitHub Action:
  - name: Install GPG Keys
    run: |
      cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --import --batch 
      gpg --list-secret-keys --keyid-format LONG
      #export GPG_TTY=$(tty)
      gpg --export > /home/runner/.gnupg/pubring.gpg
      gpg --export-secret-keys > /home/runner/.gnupg/secring.gpg

  - name: Add repositories
    run: |
      for dir in $(ls -d charts/*/); do
        helm dependency list $dir 2> /dev/null | tail +2 | head -n -1 | awk '{ print "helm repo add " $1 " " $3 }' | while read cmd; do $cmd; done
      done

  - name: Run chart-releaser
    uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 #v1.6.0
    env:
      CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
      CR_KEY: Dikshant Rai
      CR_KEYRING: "/home/runner/.gnupg/secring.gpg"
      CR_SIGN: true

haydentherapper commented 8 months ago

You can see where we sign here: https://github.com/sigstore/helm-charts/blob/89ad5f08e4222bebf4415a6bc83c8c6a60542eca/.github/workflows/release.yml#L43

Beyond that, I'm not sure there's much else we can help with, as this seems like an issue with your setup.
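
An added diagnostic, not part of the issue thread and not sigstore or Helm code: it walks the OpenPGP packets in a binary keyring such as the file `CR_KEYRING` points to and reports whether it holds a secret-key packet and a User ID containing the `CR_KEY` value. The substring match on the User ID is an assumption about how the key is selected, and the sample keyrings are constructed with dummy bytes in place of key material.

```python
"""Inspect a binary OpenPGP keyring (e.g. the file CR_KEYRING points to)."""

SECRET_KEY, PUBLIC_KEY, USER_ID = 5, 6, 13  # OpenPGP packet tags (RFC 4880)


def iter_packets(data):
    """Yield (tag, body) for each top-level packet in binary OpenPGP data."""
    i = 0
    while i < len(data):
        hdr = data[i]
        i += 1
        if not hdr & 0x80:
            raise ValueError("not binary OpenPGP data (ASCII-armored file?)")
        if hdr & 0x40:  # new-format header
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:
                length, i = int.from_bytes(data[i + 1:i + 5], "big"), i + 5
            else:
                raise ValueError("partial body lengths are not handled here")
        else:  # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            n = (1, 2, 4, 0)[ltype]  # ltype 3 = body runs to end of data
            length = int.from_bytes(data[i:i + n], "big") if n else len(data) - i
            i += n
        yield tag, data[i:i + length]
        i += length


def diagnose(data, cr_key):
    """Return a list of problems that would stop signing as `cr_key`."""
    tags = list(iter_packets(data))
    uids = [body.decode("utf-8", "replace") for tag, body in tags if tag == USER_ID]
    problems = []
    if not any(tag == SECRET_KEY for tag, _ in tags):
        problems.append("no secret-key packet: this is a public keyring")
    if not any(cr_key in uid for uid in uids):  # assumed substring match
        problems.append(f"no User ID contains {cr_key!r}; found {uids}")
    return problems


def _pkt(tag, body):  # constructed test packet, old-format, 1-byte length
    return bytes([0x80 | (tag << 2), len(body)]) + body

# Constructed sample data: dummy key bodies, not real key material.
UID = _pkt(USER_ID, b"Example Signer <signer@example.test>")
SECRET_RING = _pkt(SECRET_KEY, b"\x04" + b"\x00" * 9) + UID
PUBLIC_RING = _pkt(PUBLIC_KEY, b"\x04" + b"\x00" * 9) + UID
```

To check a real export, pass the file's bytes and the configured name, for example `diagnose(open(path, "rb").read(), name)`.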