Open Cryptophobia opened 6 years ago
From @vdice on November 7, 2016 22:56
Once we are signing our staging helm charts (workflow-dev, builder-dev, etc.), we should add a correlating verification step to the chart install in the downstream e2e job(s) along the lines of:
workflow-dev
builder-dev
... gpg --keyserver <keyserver (probably pgp.mit.edu)> --recv-keys <KEY_ID> helm install --verify "${CHART_REPO:-${CHART}}"/"${CHART}" ...
Copied from original issue: deis/jenkins-jobs#283
From @vdice on November 7, 2016 22:56
Once we are signing our staging helm charts (
workflow-dev
,builder-dev
, etc.), we should add a correlating verification step to the chart install in the downstream e2e job(s) along the lines of:Copied from original issue: deis/jenkins-jobs#283