Remove cosign stuff. It's not working and I can figure this out later.

2023-04-20 18:13:01 -04:00 · 2023-04-20 18:13:01 -04:00 · 069149c8b3
parent 667cf3b8ff
commit 069149c8b3
3 changed files with 25 additions and 20 deletions
--- a/generic-pipelines/simple-ros-pipeline.yaml
+++ b/generic-pipelines/simple-ros-pipeline.yaml
@ -9,7 +9,6 @@ spec:
  workspaces:
  - name: shared-data
  - name: git-credentials
-  - name: cosign-credentials
  params:
  - name: registry-login-secret-name
  tasks:
@ -33,8 +32,6 @@ spec:
    workspaces:
    - name: source
      workspace: shared-data
-    - name: cosign-credentials
-      workspace: cosign-credentials
    params:
    - name: registry
      value: harbor.internal.jpace121.net
--- a/generic-tasks/j7s-buildah.yaml
+++ b/generic-tasks/j7s-buildah.yaml
@ -18,7 +18,6 @@ spec:
    description: Name of the secret containing the credentials to push to the registry.
  workspaces:
  - name: source
-  - name: cosign-credentials
  steps:
  - name: build
    image: harbor.internal.jpace121.net/k8s/buildah:latest
@ -27,28 +26,14 @@ spec:
      set -x
      # Login
      buildah login --tls-verify=false --username=$USERNAME --password=$PASSWORD $(params.registry)
-      mkdir ~/.sigstore
-      cp $(workspaces.cosign-credentials.path)/* ~/.sigstore
-      cat <<EOF > ~/.sigstore/param-file.yaml
-      privateKeyFile: "$HOME/.sigstore/cosign.key"
-      privateKeyPassphraseFile: "$HOME/.sigstore/cosign.password"
-      EOF
-      mkdir -p /etc/containers/registries.d/
-      cat <<EOF > /etc/containers/registries.d/james-registry.yaml
-      docker:
-         $(params.registry):
-            use-sigstore-attachments: true
-      EOF
      # Build
      buildah --storage-driver=overlay bud --tls-verify=false --no-cache \
        -f $(params.containerfile)  -t $(params.name):$(params.version) .
      # Push
-      cat $HOME/.sigstore/param-file.yaml
-      ls $HOME/.sigstore
-      skopeo copy --debug --dest-tls-verify=false --sign-by-sigstore=$HOME/.sigstore/param-file.yaml \
+      skopeo copy --debug --dest-tls-verify=false \
              containers-storage:localhost/$(params.name):$(params.version) \
              docker://$(params.registry)/$(params.name):$(params.version)
-      skopeo copy --debug --dest-tls-verify=false --sign-by-sigstore=$HOME/.sigstore/param-file.yaml \
+      skopeo copy --debug --dest-tls-verify=false \
              containers-storage:localhost/$(params.name):$(params.version) \
              docker://$(params.registry)/$(params.name):latest
    env:
--- a/runs/simple-ros-pipeline.yaml
+++ b/runs/simple-ros-pipeline.yaml
@ -0,0 +1,23 @@
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  generateName: simple-ros-pipeline-
+  namespace: j7s-ci
+spec:
+  pipelineRef:
+    name: simple-ros-pipeline
+  params:
+  - name: registry-login-secret-name
+    value: harbor-login
+  workspaces:
+  - name: shared-data
+    volumeClaimTemplate:
+      spec:
+        accessModes:
+        - ReadWriteOnce
+        resources:
+          requests:
+            storage: 1Gi
+  - name: git-credentials
+    secret:
+      secretName: git-credentials