-
podman-build.sh for local inner loop creation of the container image
-
podman-run.sh for local inner loop run of the container image
Inside the .tekton/pipelinerun.yaml use only the OpenShift Pipeline provided ClusterTasks. I used the buildah task from the Hub and burned a day because of security issues.
You need a Secret to access the production repository. The secret must have an annotation with the url of the production registry
|
Note
|
For quay.io it is better to create a robot account |
apiVersion: v1
kind: Secret
metadata:
name: quay-creds
annotations:
tekton.dev/docker-0: https://quay.io
data:
.dockerconfigjson: ewogICJhd....H0KfQ==
type: kubernetes.io/dockerconfigjson
Apply the secret to the NAMESPACE
oc apply -f quay-creds.yaml
Link this Secret to the ServiceAccount running the skopeo task
oc secret link pipeline quay-creds --for=pull,mount
|
Note
|
documentation says that the SA (pipeline) should not be altered. Until now no problems. YMMV |