Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion .claude/commands/test.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,11 @@ If any required variable is missing, use AskUserQuestion to ask the user to prov
Before running the tests, the release infrastructure must be set up on the cluster. Run `setup-release.sh` to create the managed namespace, EnterpriseContractPolicy, ImageRepositories, ReleasePlanAdmission, and ReleasePlan:

```
bash scripts/setup-release.sh \
kubectl get configmap setup-release \
-n konflux-cli \
-o jsonpath='{.data.setup-release\.sh}' > setup-release.sh
chmod +x setup-release.sh
./setup-release.sh \
-t "${E2E_APPLICATIONS_NAMESPACE}" \
-m "${TSF_MANAGED_NAMESPACE}" \
-a "${TSF_APPLICATION_NAME}" \
Expand Down
5 changes: 1 addition & 4 deletions Containerfile
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ COPY LICENSE.txt .

WORKDIR /tsf

COPY --from=ose-tools /usr/bin/jq /usr/bin/kubectl /usr/bin/oc /usr/bin/vi /usr/bin/
COPY --from=ose-tools /usr/bin/jq /usr/bin/kubectl /usr/bin/oc /usr/bin/vi /usr/bin/watch /usr/bin/
# jq libraries
COPY --from=ose-tools /usr/lib64/libjq.so.1 /usr/lib64/libonig.so.5 /usr/lib64/
# vi libraries
Expand All @@ -75,9 +75,6 @@ COPY --from=builder /workdir/tsf/installer/charts ./charts
COPY --from=builder /workdir/tsf/installer/config.yaml ./
COPY --from=builder /workdir/tsf/bin/tsf /usr/local/bin/tsf

COPY scripts ./scripts
RUN chmod +x ./scripts/*.sh

RUN groupadd --gid 9999 -r tsf && \
useradd -r -d /tsf -g tsf -s /sbin/nologin --uid 9999 tsf && \
chown -R tsf:tsf .
Expand Down
14 changes: 12 additions & 2 deletions docs/modules/ROOT/pages/getting-started.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,8 @@ Log in to the {OCPShortName} cluster as the Platform Engineer (cluster admin) an
+
[source,bash]
----
oc get configmap setup-release -n konflux-cli \
oc get configmap setup-release \
-n konflux-cli \
-o jsonpath='{.data.setup-release\.sh}' > setup-release.sh
chmod +x setup-release.sh
----
Expand Down Expand Up @@ -143,14 +144,23 @@ After the build and release complete, verify the security artifacts that {TSFSho
* The UI displays vulnerability reports and license information.

. **Signature verification:**
Download `cosign` from the cluster:
+
[source,bash]
----
tas_host=$(oc get route -A -l "app.kubernetes.io/part-of=trusted-artifact-signer,app.kubernetes.io/component=client-server" -o jsonpath='{.items[0].spec.host}')
curl -sSLo cosign.gz https://${tas_host}/clients/linux/cosign-${ARCH}.gz
gunzip cosign.gz
chmod +x cosign
----
+
Download `cosign` from the {OCPShortName} cluster to your local machine. The `cosign` binary is not included in the installer container. For download and setup instructions, see link:https://docs.redhat.com/en/documentation/red_hat_trusted_artifact_signer/{RHTASVersion}/html-single/deployment_guide/index#signing-and-verifying-containers-by-using-cosign-from-the-command-line-interface-for-openshift_deploy[Signing and verifying containers by using Cosign from the command-line interface].
+
Verify the image signature:
+
[source,bash]
----
cosign tree <image-reference>
./cosign tree <image-reference>
----
+
View the Rekor transparency log entry for the signing event.
Expand Down
6 changes: 5 additions & 1 deletion integration-tests/tasks/tsf-e2e-run.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,11 @@ spec:

# Set up release resources before running the tests
echo "--- Setting up release resources ---"
bash scripts/setup-release.sh \
kubectl get configmap setup-release \
-n konflux-cli \
-o jsonpath='{.data.setup-release\.sh}' > setup-release.sh
chmod +x setup-release.sh
./setup-release.sh \
-t "${E2E_APPLICATIONS_NAMESPACE}" \
-m "${TSF_MANAGED_NAMESPACE}" \
-a "${TSF_APPLICATION_NAME}" \
Expand Down
Loading
Loading