-
Notifications
You must be signed in to change notification settings - Fork 78
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Let user define pipeline provenance definition
By default on a `Push` or a `Pull Request`, Pipelines as Code will fetch the PipelineRun definition from the branch of where the event has been triggered. This behavior can be changed by setting the setting `pipelinerun_provenance`. The setting currently accept two values: - `source`: The default behavior, the PipelineRun definition will be fetched from the branch of where the event has been triggered. - `default_branch`: The PipelineRun definition will be fetched from the default branch of the repository as configured on the git platform. For example `main`, `master`, or `trunk`. Example: This configuration specifies a repository named my-repo with a URL of <https://github.com/my-org/my-repo>. It also sets the `pipelinerun_provenance` setting to `default_branch`, which means that the PipelineRun definition will be fetched from the default branch of the repository. ```yaml apiVersion: "pipelinesascode.tekton.dev/v1alpha1" kind: Repository metadata: name: my-repo spec: url: "https://github.com/owner/repo" settings: pipelinerun_provenance: "default_branch" ``` SRVKP: https://issues.redhat.com/browse/SRVKP-2896 Letting the user specify the provenance of the PipelineRun definition to default branch is another layer of security. It ensures that only the one who has the right to merge commit to the default branch can change the PipelineRun and have access to the infrastrucutre. Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>
- Loading branch information
1 parent
a45a317
commit 28f7790
Showing
24 changed files
with
356 additions
and
91 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -250,4 +250,4 @@ while getopts "RGgpcrb" o; do | |
done | ||
shift $((OPTIND-1)) | ||
|
||
main | ||
main |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.