65 lines
1.3 KiB
YAML
Executable File
65 lines
1.3 KiB
YAML
Executable File
apiVersion: tekton.dev/v1beta1
|
|
kind: Pipeline
|
|
metadata:
|
|
name: cosign-pipeline
|
|
spec:
|
|
description: |
|
|
This pipeline clones a git repo, builds a Docker image with Kaniko and
|
|
pushes it to a registry
|
|
params:
|
|
- name: repo-url
|
|
type: string
|
|
- name: git-revision
|
|
type: string
|
|
|
|
- name: maven-mirror-url
|
|
type: string
|
|
|
|
- name: sonar-organization
|
|
type: string
|
|
- name: sonar-project-key
|
|
type: string
|
|
- name: sonar-token
|
|
type: string
|
|
- name: sonar-host-url
|
|
type: string
|
|
- name: source-to-scan
|
|
type: string
|
|
|
|
- name: registry
|
|
type: string
|
|
- name: project
|
|
type: string
|
|
- name: image-name
|
|
type: string
|
|
|
|
- name: cosign-image-url
|
|
type: string
|
|
|
|
- name: deptrack-projectName
|
|
type: string
|
|
- name: deptrack-projectVersion
|
|
type: string
|
|
- name: deptrack-apiKey
|
|
type: string
|
|
- name: deptrack-url
|
|
type: string
|
|
|
|
workspaces:
|
|
- name: shared-data
|
|
- name: registry-credentials
|
|
- name: maven-settings
|
|
- name: sonar-settings
|
|
|
|
tasks:
|
|
|
|
- name: cosign-sign
|
|
taskRef:
|
|
name: cosign-sign
|
|
params:
|
|
- name: cosign-image-url
|
|
value: $(params.registry)/$(params.project)/$(params.image-name):$(params.git-revision)
|
|
- name: cosign-image-digest
|
|
value: sha256:bfb0a7c2b8960ec9a1f61df004bfea8826ab9bf95454368aead0acce929654a4
|
|
|