Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for specifying artifacts to be processed without outputting all URIs to results #1270

Open
arewm opened this issue Dec 18, 2024 · 0 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@arewm
Copy link

arewm commented Dec 18, 2024

Feature request

I would like it to be possible to have Chains process output artifacts (i.e. signing, and provenance generation) without having to output the image URL and digests directly to Tekton results.

While it is possible to use the IMAGES result to process multiple output artifacts from a TaskRun, the space available for storing information in results is limited. While there are options for increasing the space available, these options are not possible to be configured on a task-by-task basis (xref: tektoncd/pipeline#8448).

Since the signing support is already present for artifacts in a container registry (i.e. it is assumed that there is a configured container registry), it would be beneficial if it would be supported to produce a specific artifact which can have all of the digest-pinned image references for signing. This can be as simple as pushing a json file to a container registry (i.e. oras push) and recording the URI/digest of that image manifest in the TaskRun result. Chains would then pull the artifact and process the list of identifiers.

Use case

  • As a task writer, I would like to be able to generate many artifacts and images to be signed by Chains without requiring that the task is run in a cluster configured with larger results sizes.
@arewm arewm added the kind/feature Categorizes issue or PR as related to a new feature. label Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Development

No branches or pull requests

1 participant