task: add rhacs M2M authenticate task

[dhaus67]

Changes

Add a new task which handles authentication for RHACS tasks (i.e. rhacs-image-scan, rhacs-image-check, rhacs-deployment-check).

The task will allow folks to make use of projected volumes for obtaining a valid RHACS token instead of relying on long-living API tokens as before.

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you review them:

• [x] Follows the authoring recommendations
• [x] Includes docs (if user facing)
• [ ] Includes tests (for new tasks or changed functionality)
  • See the end-to-end testing documentation for guidance and CI details.
• [x] Meets the Tekton contributor standards (including functionality, content, code)
• [x] Commit messages follow commit message best practices
• [x] Has a kind label. You can add one by adding a comment on this PR that contains /kind <type>. Valid types are bug, cleanup, design, documentation, feature, flake, misc, question, tep

• [x] Complies with Catalog Organization TEP, see example. Note An issue has been filed to automate this validation

  • [x] File path follows <kind>/<name>/<version>/name.yaml
  • [x] Has README.md at <kind>/<name>/<version>/README.md
  • [x] Has mandatory metadata.labels - app.kubernetes.io/version the same as the <version> of the resource
  • [x] Has mandatory metadata.annotations tekton.dev/pipelines.minVersion

  • [x] mandatory spec.description follows the convention

    
      spec:
        description: >-
          one line summary of the resource
    
          Paragraph(s) to describe the resource.

See the contribution guide for more details.

[linux-foundation-easycla[bot]]

The committers listed above are authorized under a signed CLA.

• :white_check_mark: login: dhaus67 (d2a901731bb7755723d1c5c35008cb859c736f20)

[tekton-robot]

Hi @dhaus67. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[dhaus67]

/kind feature

[vdemeester]

/verify-owners

[tekton-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: vdemeester

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/tektoncd/catalog/blob/main/OWNERS)~~ [vdemeester] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[dhaus67]

/assign vdemeester

[rhybrillou]

/verify-owners

[rhybrillou]

/verify-owners

[vinamra28]

/test pull-catalog-catlin-lint

[tekton-robot]

@vinamra28: The specified target(s) for /test were not found. The following commands are available to trigger required jobs:

• /test pull-tekton-catalog-build-tests
• /test pull-tekton-catalog-integration-tests
• /test pull-tekton-catalog-unit-tests

Use /test all to run all jobs.

In response to [this](https://github.com/tektoncd/catalog/pull/1259#issuecomment-2132626567): >/test pull-catalog-catlin-lint Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[tekton-robot]

Catlin Output

``` FILE: task/helm-upgrade-from-repo/0.3/helm-upgrade-from-repo.yaml HINT : Task: tekton.dev/v1beta1 - name: "helm-upgrade-from-repo" is missing a readable display name annotation("tekton.dev/displayName") WARN : Step "upgrade-from-repo" uses image "$(params.helm_image)" that contains variables; skipping validation FILE: task/helm-upgrade-from-source/0.4/helm-upgrade-from-source.yaml HINT : Task: tekton.dev/v1beta1 - name: "helm-upgrade-from-source" is missing a readable display name annotation("tekton.dev/displayName") WARN : Step "upgrade" uses image "$(params.helm_image)" that contains variables; skipping validation FILE: task/rhacs-m2m-authenticate/0.1/rhacs-m2m-authenticate.yaml ```

Catlin script lint Output

``` ERROR: /usr/bin/shellcheck, [-s sh] failed: In helm-upgrade-from-repo-upgrade-from-repo line 5: REPO=`echo "$(params.chart_name)" | cut -d "/" -f 1` ^-- SC2006 (style): Use $(...) notation instead of legacy backticks `...`. ^--------------------^ SC2005 (style): Useless echo? Instead of 'echo $(cmd)', just use 'cmd'. Did you mean: REPO=$(echo "$(params.chart_name)" | cut -d "/" -f 1) In helm-upgrade-from-repo-upgrade-from-repo line 7: helm repo add $REPO "$(params.helm_repo)" ^---^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm repo add "$REPO" "$(params.helm_repo)" In helm-upgrade-from-repo-upgrade-from-repo line 11: helm upgrade --wait --install --namespace "$(params.release_namespace)" $(params.release_name) $(params.chart_name) --debug --set "$(params.overwrite_values)" ^--------------------^ SC2046 (warning): Quote this to prevent word splitting. ^------------------^ SC2046 (warning): Quote this to prevent word splitting. For more information: https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt... https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ... https://www.shellcheck.net/wiki/SC2005 -- Useless echo? Instead of 'echo $(... ERROR: /usr/bin/shellcheck, [-s sh] failed: In helm-upgrade-from-source-upgrade line 6: helm upgrade --install --wait --values "$(params.charts_dir)/$(params.values_file)" --namespace "$(params.release_namespace)" --version "$(params.release_version)" "$(params.release_name)" "$(params.charts_dir)" --debug --set "$(params.overwrite_values)" $(params.upgrade_extra_params) ^----------------------------^ SC2046 (warning): Quote this to prevent word splitting. For more information: https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt... ```

[vinamra28]

can you please squash the commits? will merge post that

[vinamra28]

/lgtm