Open samj1912 opened 1 year ago
I think a new state called "Signing Failed" or similar might be a good representation of the state
I think indicating a signing failure independently in the conditions makes sense.
But, the severity of a failed signature seems like it would vary from user to user. I am not sure it makes sense to mark the build as a success for all users if signing failed. Do you see failed signing steps regularly?
Mostly happens if people push to a registry that doesn't accept non docker oci artifacts.
I think indicating a signing failure independently in the conditions makes sense.
Happy with this.
Thinking more about this, completion can also fail if it cannot read the report.toml
or it is unable to fetch the build metadata. We should probably create an exit code for a specific signing failure to be able to tell the difference
Currently, if the completion step fails, kpack marks the build as failed. The completion step is mostly optional (signing) and does not affect image publishing. We should instead introduce a new state to indicate this instead of marking the build as a failure