diff --git a/konflux-configs/base/project/kustomization.yaml b/konflux-configs/base/project/kustomization.yaml index de1f95d7..99bc3ba1 100644 --- a/konflux-configs/base/project/kustomization.yaml +++ b/konflux-configs/base/project/kustomization.yaml @@ -18,5 +18,6 @@ resources: - overlay/model-validation-operator - overlay/model-transparency - overlay/model-transparency-go + - overlay/sigstore-a2a - overlay/cli-stacks - overlay/rhtas-console diff --git a/konflux-configs/base/project/overlay/sigstore-a2a/kustomization.yaml b/konflux-configs/base/project/overlay/sigstore-a2a/kustomization.yaml new file mode 100644 index 00000000..59009a3d --- /dev/null +++ b/konflux-configs/base/project/overlay/sigstore-a2a/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - project.yaml + - template.yaml + +components: + - ../../base/ec + - ../../base/release-plan + +patches: + - target: + name: sigstore-a2a-template + kind: ProjectDevelopmentStreamTemplate + path: patch/sigstore-a2a.yaml diff --git a/konflux-configs/base/project/overlay/sigstore-a2a/patch/sigstore-a2a.yaml b/konflux-configs/base/project/overlay/sigstore-a2a/patch/sigstore-a2a.yaml new file mode 100644 index 00000000..fcb5044e --- /dev/null +++ b/konflux-configs/base/project/overlay/sigstore-a2a/patch/sigstore-a2a.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "sigstore-a2a{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: sigstore-a2a + source: + git: + url: https://github.com/securesign/sigstore-a2a + revision: "{{.branch}}" + dockerfileUrl: Containerfile.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "sigstore-a2a{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "sigstore-a2a{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/sigstore-a2a + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino diff --git a/konflux-configs/base/project/overlay/sigstore-a2a/project.yaml b/konflux-configs/base/project/overlay/sigstore-a2a/project.yaml new file mode 100644 index 00000000..1b50b06a --- /dev/null +++ b/konflux-configs/base/project/overlay/sigstore-a2a/project.yaml @@ -0,0 +1,8 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: Project +metadata: + name: sigstore-a2a +spec: + displayName: "Red Hat Trusted Artifact Signer sigstore-a2a" + description: | + sigstore-a2a - Keyless signing library for A2A Agent Cards using Sigstore and SLSA provenance. diff --git a/konflux-configs/base/project/overlay/sigstore-a2a/template.yaml b/konflux-configs/base/project/overlay/sigstore-a2a/template.yaml new file mode 100644 index 00000000..97d0f6b2 --- /dev/null +++ b/konflux-configs/base/project/overlay/sigstore-a2a/template.yaml @@ -0,0 +1,33 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStreamTemplate +metadata: + name: sigstore-a2a-template + labels: + build.rhtas.com/ec: registry-rhtas + build.rhtas.com/type: component +spec: + project: sigstore-a2a + variables: + - name: version + description: A version number for a new development stream + - name: branch + description: Git branch + defaultValue: "main" + - name: nameSuffix + description: A suffix which will be added to K8s resource name + defaultValue: "-{{hyphenize .version}}" + - name: application + description: The application name + defaultValue: "sigstore-a2a" + - name: mintmakerDisabled + description: Whether to disable mintmaker annotation on the Component + defaultValue: "false" + resources: + - apiVersion: appstudio.redhat.com/v1alpha1 + kind: Application + metadata: + annotations: + application.thumbnail: "5" + name: "{{.application}}{{.nameSuffix}}" + spec: + displayName: "{{.application}} ({{.version}})" diff --git a/konflux-configs/base/stream/agent-card-validation/base/kustomization.yaml b/konflux-configs/base/stream/agent-card-validation/base/kustomization.yaml new file mode 100644 index 00000000..3772fe5b --- /dev/null +++ b/konflux-configs/base/stream/agent-card-validation/base/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - sigstore-a2a.yaml diff --git a/konflux-configs/base/stream/agent-card-validation/base/sigstore-a2a.yaml b/konflux-configs/base/stream/agent-card-validation/base/sigstore-a2a.yaml new file mode 100644 index 00000000..f24e15c6 --- /dev/null +++ b/konflux-configs/base/stream/agent-card-validation/base/sigstore-a2a.yaml @@ -0,0 +1,15 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: sigstore-a2a +spec: + project: sigstore-a2a + template: + name: sigstore-a2a-template + values: + - name: version + value: "main" + - name: branch + value: "main" + - name: nameSuffix + value: "" diff --git a/konflux-configs/base/stream/agent-card-validation/overlay/kustomization.yaml b/konflux-configs/base/stream/agent-card-validation/overlay/kustomization.yaml new file mode 100644 index 00000000..58f7d553 --- /dev/null +++ b/konflux-configs/base/stream/agent-card-validation/overlay/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - main diff --git a/konflux-configs/base/stream/agent-card-validation/overlay/main/kustomization.yaml b/konflux-configs/base/stream/agent-card-validation/overlay/main/kustomization.yaml new file mode 100644 index 00000000..ee91a764 --- /dev/null +++ b/konflux-configs/base/stream/agent-card-validation/overlay/main/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +nameSuffix: -main + +components: + - ../../base/ + +configurations: + - kustomizeconfig.yaml diff --git a/konflux-configs/base/stream/agent-card-validation/overlay/main/kustomizeconfig.yaml b/konflux-configs/base/stream/agent-card-validation/overlay/main/kustomizeconfig.yaml new file mode 100644 index 00000000..7ea34dcb --- /dev/null +++ b/konflux-configs/base/stream/agent-card-validation/overlay/main/kustomizeconfig.yaml @@ -0,0 +1,21 @@ +nameReference: +- kind: Project + version: v1beta1 + group: projctl.konflux.dev + fieldSpecs: + - path: spec/project + kind: ProjectDevelopmentStreamTemplate + group: projctl.konflux.dev + version: v1beta1 + - path: spec/project + kind: ProjectDevelopmentStream + group: projctl.konflux.dev + version: v1beta1 +- kind: ProjectDevelopmentStreamTemplate + version: v1beta1 + group: projctl.konflux.dev + fieldSpecs: + - path: spec/template/name + kind: ProjectDevelopmentStream + group: projctl.konflux.dev + version: v1beta1 diff --git a/konflux-configs/base/stream/kustomization.yaml b/konflux-configs/base/stream/kustomization.yaml index effce8ea..ff07cba7 100644 --- a/konflux-configs/base/stream/kustomization.yaml +++ b/konflux-configs/base/stream/kustomization.yaml @@ -5,3 +5,4 @@ resources: - rhtas/overlay - policy-controller/overlay - model-validation/overlay + - agent-card-validation/overlay