collect-keyless-params
Version: 0.1
Synopsis
Tekton task to collect Konflux configuration parameters related to keyless signing using cosign. The task attempts to read the "cluster-config" ConfigMap in the "konflux-info" namespace to extract signing parameters.
In case the ConfigMap is not found, the task will output empty strings for all parameters, allowing the pipeline to continue without signing parameters.
Params
configMapName (string)
|
The name of the ConfigMap to read signing parameters from Default: |
configMapNamespace (string)
|
The namespace where the ConfigMap is located Default: |
Results
| keylessSigningEnabled |
A flag indicating whether keyless signing is enabled based on the presence of signing parameters. |
| defaultOIDCIssuer |
A default OIDC issuer URL to be used for signing. |
| buildIdentityRegexp |
A regular expression to extract build identity from the OIDC token claims, if applicable. |
| tektonChainsIdentity |
The Tekton Chains identity from the OIDC token claims, if applicable. |
| fulcioUrl |
The URL of the Fulcio certificate authority. |
| rekorUrl |
The URL of the Rekor transparency log. |
| tufUrl |
The URL of the TUF repository. |