enterprise-contract / golden-container

Trivial definition of an image build in compliance with HACBS policy
Apache License 2.0
0 stars 11 forks source link

golden-container

Trivial definition of a multi-arch image build (amd64/arm64) in compliance with Enterprise Contract policy.

The latest released image is available at quay.io/konflux-ci/ec-golden-image:latest.

The image is signed and attested by Tekton Chains. For verification, use the in-cluster public key: k8s://openshift-pipelines/public-key.

To build in AppStudio

Best use hack/rebuild.sh from ec-cli. To build manually create a PipelineRun based on pull-request.yaml. Replace values wrapped in double curly brances, e.g. {{ revision }}, with the expected literal, e.g. main.