
Supply Chain Security in Tekton Pipelines

Results 155 chains issues

- Add new configmap field - `storage.grafeas.notehint` to allow customization for the hint field configurable in grafeas ATTESTATION Note
- Change the `BuildType` field in the intoto attestation to the...

size/XL

[TEP-84](https://github.com/tektoncd/community/blob/main/teps/0084-endtoend-provenance-collection.md) calls for end-to-end provenance collection. In this POC, Chains is modified to attest PipelineRun resources in addition to TaskRun resources. Three new options are added to the configuration: *...

needs-ok-to-test
size/XXL
do-not-merge/work-in-progress

- Added a link to Grafeas doc about notes and occurrences.
- Explained a bit more on how we will use the configurable field to create notes.

size/S

Bumps to knative/pkg @ release-1.6 and cosign@latest (1.10.1) # Submitter Checklist As the author of this PR, please check off the items in this checklist: - [ ] Has [Docs](https://github.com/tektoncd/community/blob/main/standards.md#docs)...

size/XL

# Expected Behavior Rekor client should not be initialized if transparency is not enabled. # Actual Behavior Rekor client is initialized even if config.transparency.enabled is false. In current setup the...

kind/bug

A list of things we want to do before releasing 1.0: - [x] https://github.com/tektoncd/chains/issues/204 - [x] https://github.com/tektoncd/chains/issues/203 - [x] https://github.com/tektoncd/chains/issues/191 - [x] https://github.com/tektoncd/chains/issues/190 - [x] https://github.com/tektoncd/chains/issues/166 - [x] https://github.com/tektoncd/chains/issues/156 -...

I'm imagining a Tekton Cat but with the chains necklace on, hanging out with the Falco logo. The cat will be holding some kind of shield with the SPIFFE logo...

kind/bug

Bumps [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) from 0.37.2 to 0.38.3. Release notes Sourced from github.com/tektoncd/pipeline's releases. Tekton Pipeline release v0.38.3 "Ocicat Ava" -Docs @ v0.38.3 -Examples @ v0.38.3 Installation one-liner kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.38.3/release.yaml...

size/S
ok-to-test

The grafeas `[pkg/chains/storage/grafeas TestBackend_ListOccurrences]` unit test is flaky:

```
grafeas_test.go:85: Wrong list of occurrences received for empty filter, got= (*grafeas_go_proto.ListOccurrencesResponse)(Inverse(protocmp.Transform, protocmp.Message{ }))
```

an [example failure log](https://tekton-releases.appspot.com/build/tekton-prow/pr-logs/pull/tektoncd_chains/420/pull-tekton-chains-unit-tests/1517164418503282689/) provided. cc @chuangw6...

kind/bug
lifecycle/stale