Trusted Artifacts Conventions Package
Policies to verify that a Tekton task definition conforms to the expected conventions required for using Trusted Artifacts.
Rules Included
Parameter
Trusted Artifact parameters follow the expected naming convention.
- Rule type: FAILURE
- FAILURE message: The parameter %q of the Task %q does not use the _ARTIFACT suffix
- Code: trusted_artifacts.parameter
Result
Trusted Artifact results follow the expected naming convention.
- Rule type: FAILURE
- FAILURE message: The result %q of the Task %q does not use the _ARTIFACT suffix
- Code: trusted_artifacts.result
Workspace
Tasks that implement the Trusted Artifacts pattern should not allow general purpose workspaces to share data. Instead, data should be passed around via Trusted Artifacts. Workspaces used for other purposes, e.g. to provide auth credentials, are allowed. Use the rule data key allowed_trusted_artifacts_workspaces to specify which workspace names are allowed. By default this value is empty, which effectively disallows any workspace.
- Rule type: FAILURE
- FAILURE message: General purpose workspace %q is not allowed
- Code: trusted_artifacts.workspace
- Effective from: 2024-07-07T00:00:00Z
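A local pre-check for the Workspace rule, as an added example rather than the policy package's own code. The function name, the sample Task and its workspace names are constructed, and reporting a violation as a warning before the "Effective from" date is an assumption.

```python
from datetime import datetime, timezone

# Values taken from the Workspace rule on this page.
EFFECTIVE_FROM = datetime(2024, 7, 7, tzinfo=timezone.utc)
CODE = "trusted_artifacts.workspace"
RULE_DATA_KEY = "allowed_trusted_artifacts_workspaces"


def check_workspaces(task, rule_data=None, now=None):
    """Return one finding per declared workspace that is not allow-listed."""
    # An absent or empty key means no workspace is allowed at all.
    allowed = set((rule_data or {}).get(RULE_DATA_KEY) or [])
    now = now or datetime.now(timezone.utc)
    # Assumption: before the effective date a violation is only a warning.
    severity = "FAILURE" if now >= EFFECTIVE_FROM else "WARNING"
    findings = []
    for ws in task.get("spec", {}).get("workspaces") or []:
        name = ws.get("name", "")
        if name not in allowed:
            findings.append({
                "code": CODE,
                "severity": severity,
                "msg": 'General purpose workspace "%s" is not allowed' % name,
            })
    return findings


# Constructed sample: a Tekton Task as parsed from YAML.
SAMPLE_TASK = {
    "apiVersion": "tekton.dev/v1",
    "kind": "Task",
    "metadata": {"name": "example-build"},
    "spec": {
        "params": [{"name": "SOURCE_ARTIFACT", "type": "string"}],
        "results": [{"name": "IMAGE_ARTIFACT"}],
        "workspaces": [
            {"name": "source"},                      # shares data between tasks
            {"name": "git-auth", "optional": True},  # credentials only
        ],
    },
}

if __name__ == "__main__":
    for f in check_workspaces(SAMPLE_TASK, {RULE_DATA_KEY: ["git-auth"]}):
        print(f["severity"], f["code"], f["msg"])
```

With an empty allow list both workspaces are reported. Listing `git-auth` leaves only the data-sharing `source` workspace as a finding.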