search

tektoncd / pipeline

A cloud-native Pipeline resource.
https://tekton.dev
Apache License 2.0
8.45k stars 1.77k forks source link

Capture provenance of StepActions in Status #8091

Closed chitrangpatel closed 2 months ago

chitrangpatel commented 3 months ago

Feature request

We need to record the provenance (uri and the digest) of the remote StepActions in the TaskRun's Status.

Use case

Issue https://github.com/tektoncd/pipeline/issues/5550 enabled the surfacing of the provenance (i.e. uri and digest) of remote Pipelines and Tasks. This in turn allowed Tekton Chains to capture it in the intoto provenance. A corresponding capability is missing for remote StepActions and should be fixed. Without this information, the intoto provenance generated by Tekton Chains is incomplete.

chitrangpatel commented 3 months ago

cc @lcarva @renzodavid9 @wlynch @vdemeester