From 069149c8b3cdbc52fdacd675c54839a83b247a3c Mon Sep 17 00:00:00 2001
From: James Pace <jpace121@gmail.com>
Date: Thu, 20 Apr 2023 18:13:01 -0400
Subject: [PATCH] Remove cosign stuff. It's not working and I can figure this
 out later.

---
 generic-pipelines/simple-ros-pipeline.yaml |  3 ---
 generic-tasks/j7s-buildah.yaml             | 19 ++----------------
 runs/simple-ros-pipeline.yaml              | 23 ++++++++++++++++++++++
 3 files changed, 25 insertions(+), 20 deletions(-)
 create mode 100644 runs/simple-ros-pipeline.yaml

diff --git a/generic-pipelines/simple-ros-pipeline.yaml b/generic-pipelines/simple-ros-pipeline.yaml
index e808b39..d757f56 100644
--- a/generic-pipelines/simple-ros-pipeline.yaml
+++ b/generic-pipelines/simple-ros-pipeline.yaml
@@ -9,7 +9,6 @@ spec:
   workspaces:
   - name: shared-data
   - name: git-credentials
-  - name: cosign-credentials
   params:
   - name: registry-login-secret-name
   tasks:
@@ -33,8 +32,6 @@ spec:
     workspaces:
     - name: source
       workspace: shared-data
-    - name: cosign-credentials
-      workspace: cosign-credentials
     params:
     - name: registry
       value: harbor.internal.jpace121.net
diff --git a/generic-tasks/j7s-buildah.yaml b/generic-tasks/j7s-buildah.yaml
index 9c152e0..0aa131b 100644
--- a/generic-tasks/j7s-buildah.yaml
+++ b/generic-tasks/j7s-buildah.yaml
@@ -18,7 +18,6 @@ spec:
     description: Name of the secret containing the credentials to push to the registry.
   workspaces:
   - name: source
-  - name: cosign-credentials
   steps:
   - name: build
     image: harbor.internal.jpace121.net/k8s/buildah:latest
@@ -27,28 +26,14 @@ spec:
       set -x
       # Login
       buildah login --tls-verify=false --username=$USERNAME --password=$PASSWORD $(params.registry)
-      mkdir ~/.sigstore
-      cp $(workspaces.cosign-credentials.path)/* ~/.sigstore
-      cat <<EOF > ~/.sigstore/param-file.yaml
-      privateKeyFile: "$HOME/.sigstore/cosign.key"
-      privateKeyPassphraseFile: "$HOME/.sigstore/cosign.password"
-      EOF
-      mkdir -p /etc/containers/registries.d/
-      cat <<EOF > /etc/containers/registries.d/james-registry.yaml
-      docker:
-         $(params.registry):
-            use-sigstore-attachments: true
-      EOF
       # Build
       buildah --storage-driver=overlay bud --tls-verify=false --no-cache \
         -f $(params.containerfile)  -t $(params.name):$(params.version) .
       # Push
-      cat $HOME/.sigstore/param-file.yaml
-      ls $HOME/.sigstore
-      skopeo copy --debug --dest-tls-verify=false --sign-by-sigstore=$HOME/.sigstore/param-file.yaml \
+      skopeo copy --debug --dest-tls-verify=false \
               containers-storage:localhost/$(params.name):$(params.version) \
               docker://$(params.registry)/$(params.name):$(params.version)
-      skopeo copy --debug --dest-tls-verify=false --sign-by-sigstore=$HOME/.sigstore/param-file.yaml \
+      skopeo copy --debug --dest-tls-verify=false \
               containers-storage:localhost/$(params.name):$(params.version) \
               docker://$(params.registry)/$(params.name):latest
     env:
diff --git a/runs/simple-ros-pipeline.yaml b/runs/simple-ros-pipeline.yaml
new file mode 100644
index 0000000..0f2fbb7
--- /dev/null
+++ b/runs/simple-ros-pipeline.yaml
@@ -0,0 +1,23 @@
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  generateName: simple-ros-pipeline-
+  namespace: j7s-ci
+spec:
+  pipelineRef:
+    name: simple-ros-pipeline
+  params:
+  - name: registry-login-secret-name
+    value: harbor-login
+  workspaces:
+  - name: shared-data
+    volumeClaimTemplate:
+      spec:
+        accessModes:
+        - ReadWriteOnce
+        resources:
+          requests:
+            storage: 1Gi
+  - name: git-credentials
+    secret:
+      secretName: git-credentials
\ No newline at end of file