Pipeline Policy

These rules are applied to Tekton pipeline definitions.

1. Available Packages

Package Name

Description

task_bundle

To be able to reproduce and audit builds accurately it’s important to know exactly what happens during the build. To do this Conforma requires that all tasks are defined in a set of known and trusted task bundles. This package includes rules to confirm that the tasks in a Pipeline definition are defined in task bundles, and that the task bundles are from the list of known and trusted bundles.

basic

Policies to confirm the Tekton Pipeline definition has the expected kind.

required_tasks

Konflux expects that certain Tekton tasks are executed during image builds. This package includes policy rules to confirm that the pipeline definition includes those required tasks.