This contains the content used to demo sigstore at the OpenShift Commons Briefing on March 30, 2021; a recording of this can be found at https://www.youtube.com/watch?v=yKrbUGSwrEw.
Slides from the presentation can be seen at: https://speakerdeck.com/redhatopenshift/secure-your-open-source-supply-chain-with-sigstore.
oc apply -f ./config/tekton/task
oc apply -f ./config/tekton/pipeline
oc apply -f ./config/tekton/trigger
Once the el-sigstore-demo-app
service has been created by Tekton, expose it
by running:
oc expose service el-sigstore-demo-app
Open GitHub repo (Go to Settings > Webhooks) click on Add webhook
. Under
Payload URL, paste the output of:
echo $(oc get route el-sigstore-demo-app --template='http://{{.spec.host}}')
Select Content type as application/json
. Add secret eg: sigstore
. Click on
Add Webhook
.
Now when we perform any push event on the repo, it will trigger the pipeline with a new pipeline run. To test it, run:
git commit -m "empty-commit" --allow-empty && git push origin main