You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like it to be possible to have Chains process output artifacts (i.e. signing, and provenance generation) without having to output the image URL and digests directly to Tekton results.
While it is possible to use the IMAGES result to process multiple output artifacts from a TaskRun, the space available for storing information in results is limited. While there are options for increasing the space available, these options are not possible to be configured on a task-by-task basis (xref: tektoncd/pipeline#8448).
Since the signing support is already present for artifacts in a container registry (i.e. it is assumed that there is a configured container registry), it would be beneficial if it would be supported to produce a specific artifact which can have all of the digest-pinned image references for signing. This can be as simple as pushing a json file to a container registry (i.e. oras push) and recording the URI/digest of that image manifest in the TaskRun result. Chains would then pull the artifact and process the list of identifiers.
Use case
As a task writer, I would like to be able to generate many artifacts and images to be signed by Chains without requiring that the task is run in a cluster configured with larger results sizes.
The text was updated successfully, but these errors were encountered:
Feature request
I would like it to be possible to have Chains process output artifacts (i.e. signing, and provenance generation) without having to output the image URL and digests directly to Tekton results.
While it is possible to use the
IMAGES
result to process multiple output artifacts from a TaskRun, the space available for storing information in results is limited. While there are options for increasing the space available, these options are not possible to be configured on a task-by-task basis (xref: tektoncd/pipeline#8448).Since the signing support is already present for artifacts in a container registry (i.e. it is assumed that there is a configured container registry), it would be beneficial if it would be supported to produce a specific artifact which can have all of the digest-pinned image references for signing. This can be as simple as pushing a json file to a container registry (i.e.
oras push
) and recording the URI/digest of that image manifest in the TaskRun result. Chains would then pull the artifact and process the list of identifiers.Use case
The text was updated successfully, but these errors were encountered: