Merge pull request #70 from secureCodeBox/helm-publishing

Automatically Publish Helm Charts on Releases

Author: J12934

.github/workflows/helm-charts.yaml

@@ -0,0 +1,34 @@
+on:
+  release:
+    types: [published]
+name: "Publish Helm Charts"
+jobs:
+  helm:
+    name: Package and Publish
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: "Install yq"
+        run: |
+          sudo snap install yq
+      - name: Parse Tag 
+        run: echo ::set-env name=RELEASE_VERSION::${GITHUB_REF#refs/*/}
+      - name: "Publish Helm Chart"
+        env:
+          HELM_REGISTRY: https://charts.securecodebox.io
+          USERNAME: ${{ secrets.HELM_REGISTRY_USERNAME }}
+          PASSWORD: ${{ secrets.HELM_REGISTRY_PASSWORD }}
+        run: |
+          # Publish charts in all folders containing a `Chart.yaml` file
+          # https://github.com/koalaman/shellcheck/wiki/SC2044
+          find . -type f -name Chart.yaml -print0 | while IFS= read -r -d '' chart; do
+          (
+            dir="$(dirname "${chart}")"
+            cd "${dir}" || exit
+            echo "Processing Chart in $dir"
+            helm lint .
+            helm package --version $RELEASE_VERSION .
+            NAME=$(yq read - name < Chart.yaml)
+            curl --silent --show-error --user "${USERNAME}:${PASSWORD}" --data-binary "@${NAME}-${RELEASE_VERSION}.tgz" "${HELM_REGISTRY}/api/charts"
+          )
+          done

demo-apps/bodgeit/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 version: 0.1.0
 type: application
-appVersion: "latest"
+appVersion: "v1.4.0"
 name: bodgeit
 description: "The BodgeIt Store is a vulnerable web app which is aimed at people who are new to pen testing"
 home: https://github.com/psiinon/bodgeit

demo-apps/juice-shop/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 version: 0.1.0
-appVersion: "v10.0.0"
+appVersion: "v11.1.2"
 name: juice-shop
 description: "OWASP Juice Shop: Probably the most modern and sophisticated insecure web application"
 type: application