forked from konflux-ci/release-service-catalog
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathe2e.yaml
More file actions
132 lines (132 loc) · 4.9 KB
/
Copy pathe2e.yaml
File metadata and controls
132 lines (132 loc) · 4.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
---
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: e2e
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
spec:
description: |-
Minimal Tekton Pipeline to be used by the E2E tests. The Pipeline is designed to include only tasks that could be
affected by RHTAP services or which results could affect the RHTAP workflow.
params:
- name: release
type: string
description:
The namespaced name (namespace/name) of the Release custom resource initiating this pipeline execution
- name: releasePlan
type: string
description: The namespaced name (namespace/name) of the releasePlan
- name: releasePlanAdmission
type: string
description: The namespaced name (namespace/name) of the releasePlanAdmission
- name: releaseServiceConfig
type: string
description: The namespaced name (namespace/name) of the releaseServiceConfig
- name: snapshot
type: string
description: The namespaced name (namespace/name) of the snapshot
- name: enterpriseContractPolicy
type: string
description: JSON representation of the EnterpriseContractPolicy
- name: enterpriseContractExtraRuleData
type: string
description: |
Extra rule data to be merged into the policy specified in params.enterpriseContractPolicy. Use syntax
"key1=value1,key2=value2..."
default: "pipeline_intention=release"
- name: verify_ec_task_bundle
type: string
description: The location of the bundle containing the verify-enterprise-contract task
- name: verify_ec_task_git_revision
type: string
description: Previously used for the Conforma task git resolver, now deprecated and ignored
default: ignored
- name: taskGitUrl
type: string
description: The url to the git repo where the release-service-catalog tasks to be used are stored
default: https://github.com/konflux-ci/release-service-catalog.git
- name: taskGitRevision
type: string
description: The revision in the taskGitUrl repo to be used
- name: ociStorage
type: string
description: The OCI repository where the Trusted Artifacts are stored
default: "quay.io/konflux-ci/release-service-trusted-artifacts"
- name: trustedArtifactsDebug
description: Flag to enable debug logging in trusted artifacts. Set to a non-empty string to enable
type: string
default: ""
- name: dataDir
description: The location where data will be stored
type: string
# to avoid tar extraction errors, we need to specify a subdirectory
# inside the volume.
default: "/var/workdir/release"
tasks:
- name: collect-data
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/managed/collect-data/collect-data.yaml
params:
- name: release
value: $(params.release)
- name: releasePlan
value: $(params.releasePlan)
- name: releasePlanAdmission
value: $(params.releasePlanAdmission)
- name: releaseServiceConfig
value: $(params.releaseServiceConfig)
- name: snapshot
value: $(params.snapshot)
- name: subdirectory
value: $(context.pipelineRun.uid)
- name: ociStorage
value: $(params.ociStorage)
- name: dataDir
value: $(params.dataDir)
- name: trustedArtifactsDebug
value: "$(params.trustedArtifactsDebug)"
- name: taskGitUrl
value: "$(params.taskGitUrl)"
- name: taskGitRevision
value: "$(params.taskGitRevision)"
- name: verify-conforma
retries: 2
timeout: "4h00m0s"
taskRef:
resolver: "git"
params:
- name: url
value: https://github.com/conforma/tekton-catalog
- name: revision
value: "1383873048e9bb8626c0e4b37c93da433b12e339"
- name: pathInRepo
value: "tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml"
params:
- name: SNAPSHOT_FILENAME
value: "$(tasks.collect-data.results.snapshotSpec)"
- name: SSL_CERT_DIR
value: /var/run/secrets/kubernetes.io/serviceaccount
- name: POLICY_CONFIGURATION
value: $(params.enterpriseContractPolicy)
- name: STRICT
# only set to false for development
value: "true"
- name: IGNORE_REKOR
value: "true"
- name: EXTRA_RULE_DATA
value: $(params.enterpriseContractExtraRuleData)
- name: SOURCE_DATA_ARTIFACT
value: "$(tasks.collect-data.results.sourceDataArtifact)"
- name: TRUSTED_ARTIFACTS_DEBUG
value: "$(params.trustedArtifactsDebug)"
runAfter:
- collect-data