feat: add GPG signing, values schema, and consolidate workflows #33

Merged: 3 commits merged into start-codex:main from llulioscesar:main on Nov 28, 2025

@llulioscesar
Member

Summary

  • Add GPG chart signing for Artifact Hub "Signed" badge
  • Add values.schema.json for Artifact Hub "Values Schema" badge
  • Add artifacthub-repo.yml for "Verified Publisher" badge
  • Consolidate 4 workflows into 2 with proper job dependencies
  • Update Chart.yaml with Artifact Hub annotations
  • Improve README documentation in English

Changes

Artifact Hub Badges

  • values.schema.json: JSON Schema for all chart values
  • public-key.asc: GPG public key for signature verification
  • artifacthub-repo.yml: Repository metadata with repositoryID
  • Chart.yaml: Added artifacthub.io/signKey and other annotations

Workflows Consolidation

Before: 4 workflows (pages.yml, release.yml, test.yml, validate-configs.yml)
After: 2 workflows with dependencies

| Workflow | Trigger | Jobs |
|---|---|---|
| ci.yml | PR, push | lint → test → package |
| release.yml | push (chart files) | CI → Release & Deploy |

Release Workflow Features

  • Calls CI workflow first (must pass)
  • Imports GPG key from secrets
  • Signs chart package with GPG
  • Generates .prov provenance files
  • Deploys to GitHub Pages

Required Secrets

| Secret | Description |
|---|---|
| GPG_PRIVATE_KEY | Armored GPG private key |
| GPG_PASSPHRASE | GPG key passphrase |
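
What a `.prov` file like the ones this release workflow generates binds to the chart package, as an added example that is not part of this pull request or the project's code: it parses Helm's clearsigned provenance layout and compares the recorded SHA-256 with the package bytes. The chart file name `valkey-0.1.0.tgz`, the package bytes and the signature block are constructed placeholders; the digest check only means something once the PGP signature itself has been verified against the published public key (for example with `helm verify`).

```python
import hashlib
import hmac
import re

CLEARSIGN = re.compile(
    r"-----BEGIN PGP SIGNED MESSAGE-----\n(?:Hash: [^\n]*\n)*\n"
    r"(.*?)\n-----BEGIN PGP SIGNATURE-----", re.S)
FILE_LINE = re.compile(r"\s+(\S+): sha256:([0-9a-f]{64})")

def parse_prov(prov_text):
    """Split a Helm .prov file into (chart metadata YAML, {file name: sha256 hex})."""
    m = CLEARSIGN.search(prov_text.replace("\r\n", "\n"))
    if not m:
        raise ValueError("not a PGP clearsigned provenance file")
    # Helm writes the Chart.yaml metadata, a YAML end marker "...", then "files:".
    metadata, sep, files_part = m.group(1).partition("\n...\n")
    if not sep:
        raise ValueError("missing '...' separator before the files section")
    digests = {}
    for line in files_part.splitlines():
        fm = FILE_LINE.fullmatch(line)
        if fm:
            digests[fm.group(1)] = fm.group(2)
    if not digests:
        raise ValueError("no sha256 entries in the files section")
    return metadata, digests

def check_package(prov_text, package_name, package_bytes):
    """Return 'match', 'mismatch' or 'not-listed' for a package against its .prov."""
    _, digests = parse_prov(prov_text)
    expected = digests.get(package_name)
    if expected is None:
        return "not-listed"
    actual = hashlib.sha256(package_bytes).hexdigest()
    return "match" if hmac.compare_digest(expected, actual) else "mismatch"

# Constructed sample: placeholder package bytes and a placeholder signature block.
SAMPLE_PKG = b"constructed stand-in for the bytes of valkey-0.1.0.tgz"
SAMPLE_PROV = (
    "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n"
    "apiVersion: v2\nname: valkey\nversion: 0.1.0\n\n...\nfiles:\n"
    "  valkey-0.1.0.tgz: sha256:" + hashlib.sha256(SAMPLE_PKG).hexdigest() + "\n"
    "-----BEGIN PGP SIGNATURE-----\n\n(constructed placeholder)\n"
    "-----END PGP SIGNATURE-----\n")

if __name__ == "__main__":
    print(check_package(SAMPLE_PROV, "valkey-0.1.0.tgz", SAMPLE_PKG))         # match
    print(check_package(SAMPLE_PROV, "valkey-0.1.0.tgz", SAMPLE_PKG + b"!"))  # mismatch
```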

chore: add PGP public key and values JSON schema

Add PGP public key for Start Codex Helm Charts signing and comprehensive JSON schema for Valkey Helm chart values validation. The schema defines all configurable parameters including architecture modes (standalone/sentinel), authentication, persistence, networking, metrics, and TLS configuration.

Implement automated testing pipeline with four jobs:
- Helm chart linting validation
- Template rendering tests across multiple configurations (standalone/sentinel modes)
- Chart packaging verification
- JSON schema validation for values file

Test matrix includes standalone configurations (default, auth, persistence, metrics)
and sentinel mode variations with automated manifest validation checks.

Streamline CI/CD pipelines by consolidating jobs, improving test configurations, and enhancing the release process with better error handling and cleaner output formatting.

Changes include:
- Add workflow_call trigger to enable CI reuse in release workflow
- Remove paths-ignore filter to ensure all changes are validated
- Consolidate schema validation into lint job from separate job
- Add fail-fast: false to test matrix for complete test coverage
- Remove standalone-persistence test case from matrix
- Simplify test validation output and improve error messages
- Merge schema validation into main CI flow
- Enhance release workflow with CI dependency
- Simplify GPG key import and package process
- Improve HTML index generation with cleaner template
- Remove redundant steps and optimize file operations

@ghost merged commit 6466c7d into start-codex:main on Nov 28, 2025
8 checks passed
This pull request was closed.