apiVersion: scaffolder.backstage.io/v1beta3 kind: Template metadata: name: secure-go-service title: Secure Go Service description: | Scaffold a new Go HTTP service wired to the RHADS supply chain: Tekton pipeline (build → SBOM → cosign sign → bombastic upload), ArgoCD Application for declarative deploy, and a catalog-info.yaml pre-populated with Tekton/ArgoCD/Kubernetes plugin annotations. tags: - golang - secure - rhads spec: owner: platform type: service parameters: - title: Service basics required: - name - description properties: name: title: Name type: string description: Lowercase, no spaces; used for the namespace and app name. pattern: '^[a-z][a-z0-9-]{1,30}[a-z0-9]$' description: title: Description type: string owner: title: Owner type: string default: platform # No second page: repository destination is computed from `name` # in the publish step. The lab has exactly one Gitea host and one # org (`openshift-lab`), so asking the user to confirm them adds # ceremony without choice. steps: - id: fetch-base name: Fetch scaffold action: fetch:template input: url: ./skeleton values: name: ${{ parameters.name }} description: ${{ parameters.description }} owner: ${{ parameters.owner }} - id: publish name: Publish to Gitea action: publish:gitea input: repoUrl: gitea.apps.lab.hibachi.ninja?owner=openshift-lab&repo=${{ parameters.name }} defaultBranch: master description: ${{ parameters.description }} - id: register name: Register in catalog action: catalog:register input: repoContentsUrl: ${{ steps.publish.output.repoContentsUrl }} catalogInfoPath: /catalog-info.yaml output: links: - title: Open in catalog icon: catalog entityRef: ${{ steps.register.output.entityRef }} - title: Source icon: git url: ${{ steps.publish.output.remoteUrl }}