feat: stepactions for secure push to OCI registry #76

psturc · 2024-12-10T10:51:34Z

This PR introduces 2 new stepactions:

secure-push-oci, that scans the content of the specified directory, removes files that contain leaked information and pushes the directory content to the new/existing OCI artifact in quay.io, including the log from the leaktk CLI scan
fail-if-any-step-failed - which purpose is to exit with non-zero code, if any of the steps executed as a part of the tekton Task exited with non-zero code. This is useful in Tasks, where we want to save artifacts that were produced by a step, where the error was purposely ignored (using error: continue field), but still want to fail the Task in the end, to give the user the correct job results

it also contains a commit from this PR, that was reverted after merge due to missing updates in quay.io/konflux-qe-incubator/konflux-qe-tools:latest image - it was updated and now it is save to merge it

stepactions/fail-if-any-step-failed/0.1/README.md

psturc mentioned this pull request Dec 10, 2024

feat: collect log from provisioning rosa HCP #77

Merged

Dannyb48 reviewed Dec 10, 2024

View reviewed changes

stepactions/fail-if-any-step-failed/0.1/README.md Show resolved Hide resolved

psturc force-pushed the KFLUXDP-6 branch from 3e7b1f8 to 15a6f9a Compare December 10, 2024 15:47

psturc added 3 commits December 10, 2024 17:03

feat: replace trufflehog with leaktk

ccdcd28

feat: stepactions for secure push to OCI registry

f2e422b

docs: fail-if-any-step-failed usage

1917411

psturc force-pushed the KFLUXDP-6 branch from 15a6f9a to 1917411 Compare December 10, 2024 16:05

Dannyb48 approved these changes Dec 11, 2024

View reviewed changes

ascerra approved these changes Dec 11, 2024

View reviewed changes

ascerra merged commit 51aa5e2 into konflux-ci:main Dec 11, 2024

Provide feedback