Moritz Wiesinger

Aha I think I found my answer already (in the `helm template` command): > Any values that would normally be looked up or retrieved in-cluster will be faked locally. [Source](https://helm.sh/docs/helm/helm_template/)

I think an easy solution would be to just add the option to add annotations to the `keptn-api-token` secret so that you can add the Argo annotation there. I don't...

@AbhijithGanesh since you wanted to work on this earlier, is it something you still want to work on or should I take it over?

Findings so far: I tried to implement automation by directly using the GH actions runner to execute the tutorial commands but did not manage to fully get it up and...

I will put this ticket on hold until there is more time and maybe a better setup to realize this ticket

Resources: https://blog.sigstore.dev/cosign-image-signatures-77bab238a93 https://github.com/sigstore/helm-sigstore https://blog.sigstore.dev/cosign-1-0-e82f006f7bc4 https://helm.sh/docs/topics/provenance/ https://medium.com/@sabre1041/integrating-helm-into-the-sigstore-project-d51564ea001f https://colinwilson.uk/2022/01/27/how-to-sign-helm-charts-using-chart-releaser-action/ https://colinwilson.uk/2022/02/07/verifying-signed-helm-charts/

After trying out keybase.io with a personal account, I would say the conclusion for it is to not use it. Keybase would only be used for distribution of the public...

A good approach would be: - have a PGP private key in the github secrets, together with the passphrase if the private key has one - call `helm package` with...

This issue definitely requires some sort of initialization script to set up permissions for the users and databases. Adding the users/databases is supported by newer versions of bitnami/mongodb but permission...

Some additional thoughts: secret-service is actually only responsible to create secrets and the corresponding rbac related resources like roles/rolebindings. The access to the secrets still goes through the k8s API.