Skip to content

Commit 04d6bc5

Browse files
amissteaamisstea
committed
Disable index signing
This is meant to be temporary until we fix the signing process to request signatures for the correct manifests.
1 parent 017eec2 commit 04d6bc5

File tree

1 file changed

+61
-61
lines changed

1 file changed

+61
-61
lines changed

ansible/roles/operator-pipeline/templates/openshift/pipelines/operator-release-pipeline.yml

Lines changed: 61 additions & 61 deletions
Original file line numberDiff line numberDiff line change
@@ -424,72 +424,72 @@ spec:
424424
value: "$(params.kerberos_keytab_secret_key)"
425425

426426
# send UMB message for RADAS to sign the container image
427-
- name: request-signature
428-
runAfter:
429-
- publish-bundle
430-
taskRef:
431-
name: request-signature
432-
params:
433-
- name: pipeline_image
434-
value: "$(params.pipeline_image)"
435-
- name: manifest_digest
436-
value: "$(tasks.publish-bundle.results.manifest_digests)"
437-
- name: reference
438-
value: "$(tasks.publish-bundle.results.docker_references)"
439-
- name: requester
440-
value: "amisstea"
441-
- name: sig_key_id
442-
value: "$(tasks.set-env.results.sig_key_id)"
443-
- name: sig_key_name
444-
value: "$(tasks.set-env.results.sig_key_name)"
445-
- name: umb_ssl_secret_name
446-
value: "$(params.pyxis_ssl_secret_name)"
447-
- name: umb_ssl_cert_secret_key
448-
value: "$(params.pyxis_ssl_cert_secret_key)"
449-
- name: umb_ssl_key_secret_key
450-
value: "$(params.pyxis_ssl_key_secret_key)"
451-
- name: umb_client_name
452-
value: "$(tasks.set-env.results.umb_client_name)"
453-
- name: umb_url
454-
value: "$(tasks.set-env.results.umb_url)"
455-
workspaces:
456-
- name: source
457-
workspace: repository
458-
subPath: signing
427+
# - name: request-signature
428+
# runAfter:
429+
# - publish-bundle
430+
# taskRef:
431+
# name: request-signature
432+
# params:
433+
# - name: pipeline_image
434+
# value: "$(params.pipeline_image)"
435+
# - name: manifest_digest
436+
# value: "$(tasks.publish-bundle.results.manifest_digests)"
437+
# - name: reference
438+
# value: "$(tasks.publish-bundle.results.docker_references)"
439+
# - name: requester
440+
# value: "amisstea"
441+
# - name: sig_key_id
442+
# value: "$(tasks.set-env.results.sig_key_id)"
443+
# - name: sig_key_name
444+
# value: "$(tasks.set-env.results.sig_key_name)"
445+
# - name: umb_ssl_secret_name
446+
# value: "$(params.pyxis_ssl_secret_name)"
447+
# - name: umb_ssl_cert_secret_key
448+
# value: "$(params.pyxis_ssl_cert_secret_key)"
449+
# - name: umb_ssl_key_secret_key
450+
# value: "$(params.pyxis_ssl_key_secret_key)"
451+
# - name: umb_client_name
452+
# value: "$(tasks.set-env.results.umb_client_name)"
453+
# - name: umb_url
454+
# value: "$(tasks.set-env.results.umb_url)"
455+
# workspaces:
456+
# - name: source
457+
# workspace: repository
458+
# subPath: signing
459459

460-
- name: upload-signature
461-
runAfter:
462-
- request-signature
463-
taskRef:
464-
name: upload-signature
465-
params:
466-
- name: pipeline_image
467-
value: "$(params.pipeline_image)"
468-
- name: signature_data_file
469-
value: "$(tasks.request-signature.results.signature_data_file)"
470-
- name: pyxis_ssl_secret_name
471-
value: "$(params.pyxis_ssl_secret_name)"
472-
- name: pyxis_ssl_cert_secret_key
473-
value: "$(params.pyxis_ssl_cert_secret_key)"
474-
- name: pyxis_ssl_key_secret_key
475-
value: "$(params.pyxis_ssl_key_secret_key)"
476-
- name: pyxis_url
477-
value: "$(tasks.set-env.results.pyxis_url)"
478-
- name: signing_pub_secret_name
479-
value: "$(params.signing_pub_secret_name)"
480-
- name: signing_pub_secret_key
481-
value: "$(params.signing_pub_secret_key)"
482-
- name: verify_signature
483-
value: "true"
484-
workspaces:
485-
- name: source
486-
workspace: repository
487-
subPath: signing
460+
# - name: upload-signature
461+
# runAfter:
462+
# - request-signature
463+
# taskRef:
464+
# name: upload-signature
465+
# params:
466+
# - name: pipeline_image
467+
# value: "$(params.pipeline_image)"
468+
# - name: signature_data_file
469+
# value: "$(tasks.request-signature.results.signature_data_file)"
470+
# - name: pyxis_ssl_secret_name
471+
# value: "$(params.pyxis_ssl_secret_name)"
472+
# - name: pyxis_ssl_cert_secret_key
473+
# value: "$(params.pyxis_ssl_cert_secret_key)"
474+
# - name: pyxis_ssl_key_secret_key
475+
# value: "$(params.pyxis_ssl_key_secret_key)"
476+
# - name: pyxis_url
477+
# value: "$(tasks.set-env.results.pyxis_url)"
478+
# - name: signing_pub_secret_name
479+
# value: "$(params.signing_pub_secret_name)"
480+
# - name: signing_pub_secret_key
481+
# value: "$(params.signing_pub_secret_key)"
482+
# - name: verify_signature
483+
# value: "true"
484+
# workspaces:
485+
# - name: source
486+
# workspace: repository
487+
# subPath: signing
488488

489489
# Publish Vendor, Repository
490490
- name: publish-resources
491491
runAfter:
492-
- upload-signature
492+
- publish-bundle
493493
taskRef:
494494
name: publish-resources
495495
params:

0 commit comments

Comments
 (0)