Skip to content

Commit

Permalink
Merge pull request #86 from Ontotext-AD/GDB-9222-sign
Browse files Browse the repository at this point in the history 
GDB-9222: Added repo install and provenance information
  • Loading branch information
@mihailradkov
mihailradkov committed Mar 26, 2024
2 parents 87dbf08 + 2338544 commit 48bc3c8
Show file tree
Hide file tree
Showing 3 changed files with 78 additions and 1 deletion.
7 changes: 6 additions & 1 deletion .helmignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,13 @@

# Custom
*.license
*.gpg
*.pgp
.github/
examples/
template_output.yaml
trivy.yaml
values_overrides.yaml
values_*.yaml
.helmignore
*.md.gotmpl
*.tgz
36 changes: 36 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,42 @@ Endpoints:
* GraphDB workbench: http://graphdb.local/graphdb
```

### Repository

You can install GraphDB's Helm chart from our public Helm repository as well.

1. Add Ontotext repository with

```shell
helm repo add ontotext https://maven.ontotext.com/repository/helm-public/
```

2. Install GraphDB

```shell
helm install graphdb ontotext/graphdb
```

### Provenance

Helm can verify the origin and integrity of the Helm chart by

1. Importing the public GnuPG key:

```shell
gpg --keyserver keyserver.ubuntu.com --recv-keys 8E1B45AF8157DB82
# Helm uses the legacy gpg format
gpg --export > ~/.gnupg/pubring.gpg
```

2. Running `helm install` with the `--verify` flag, i.e.:

```shell
helm install --verify graphdb ontotext/graphdb
```

Note that the verification works only when installing from a local tar.gz or when installing from the repository.

## Persistence

By default, the Helm chart is deploying persistent volumes that store data on the host path.
Expand Down
36 changes: 36 additions & 0 deletions README.md.gotmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,42 @@ Endpoints:
* GraphDB workbench: http://graphdb.local/graphdb
```

### Repository

You can install GraphDB's Helm chart from our public Helm repository as well.

1. Add Ontotext repository with

```shell
helm repo add ontotext https://maven.ontotext.com/repository/helm-public/
```

2. Install GraphDB

```shell
helm install graphdb ontotext/graphdb
```

### Provenance

Helm can verify the origin and integrity of the Helm chart by

1. Importing the public GnuPG key:

```shell
gpg --keyserver keyserver.ubuntu.com --recv-keys 8E1B45AF8157DB82
# Helm uses the legacy gpg format
gpg --export > ~/.gnupg/pubring.gpg
```

2. Running `helm install` with the `--verify` flag, i.e.:

```shell
helm install --verify graphdb ontotext/graphdb
```

Note that the verification works only when installing from a local tar.gz or when installing from the repository.

## Persistence

By default, the Helm chart is deploying persistent volumes that store data on the host path.
Expand Down

0 comments on commit 48bc3c8

Please sign in to comment.