support reading signing passphrase from file or stdin

[sdorra]

Signed-off-by: Sebastian Sdorra sebastian.sdorra@cloudogu.com

closes #8210

What this PR does / why we need it:

In helm v2 we had the HELM_KEY_PASSPHRASE environment variable to pass the passphrase within a ci process, but in helm v3 we have no way to pass the passphrase without user interaction.

So this pr will add support for reading the signing passphrase from file or stdin e.g.:

echo secret > secret.txt
helm package --sign --key mykey --keyring secring.gpg --passphrase-file secret.txt my-chart
# or
echo secret | helm package --sign --key mykey --keyring secring.gpg --passphrase-file "-" my-chart

If applicable:

• this PR contains documentation
• this PR contains unit tests
• this PR has been tested for backwards compatibility

[bacongobbler]

code LGTM, though it'll need another maintainer to approve before merging.

[sdorra]

@bacongobbler Is there something i can do to speed things up?

[Lukkie]

I also need this for my helm chart build pipeline. Would be nice if it could be merged sometime soon.

[fcrespofastly]

Any chance this gets reviewed by someone else @bacongobbler ? We're willing to use this in our build pipelines too

[bacongobbler]

Feel free to reach out to the other core maintainers.

[dkulchinsky]

Thanks for replying @bacongobbler! but the list of maintainers in OWNERS is quite long, not sure who we should tag here? could you help us figure out who could help us here?

We desperately need this feature for our CI pipeline since we need to sign the charts to generate a provenance file.

[sdorra]

It looks like a large part of the GPG code was written by technosophos.

[sdorra]

Hey @technosophos could you help us with this pr?

[technosophos]

I will be reviewing it today or tomorrow.

[technosophos]

LGTM

[technosophos]

Added this to 3.4.0 since it is a new feature.