templates/secure-go-service/template.yaml

apiVersion: scaffolder.backstage.io/v1beta3
kind: Template
metadata:
  name: secure-go-service
  title: Secure Go Service
  description: |
    Scaffold a new Go HTTP service wired to the RHADS supply chain:
    Tekton pipeline (build → SBOM → cosign sign → bombastic upload),
    ArgoCD Application for declarative deploy, and a catalog-info.yaml
    pre-populated with Tekton/ArgoCD/Kubernetes plugin annotations.    
  tags:
    - golang
    - secure
    - rhads
spec:
  owner: platform
  type: service
  parameters:
    - title: Service basics
      required:
        - name
        - description
      properties:
        name:
          title: Name
          type: string
          description: Lowercase, no spaces; used for the namespace and app name.
          pattern: '^[a-z][a-z0-9-]{1,30}[a-z0-9]$'
        description:
          title: Description
          type: string
        owner:
          title: Owner
          type: string
          default: platform
    # No second page: repository destination is computed from `name`
    # in the publish step. The lab has exactly one Gitea host and one
    # org (`openshift-lab`), so asking the user to confirm them adds
    # ceremony without choice.
  steps:
    - id: fetch-base
      name: Fetch scaffold
      action: fetch:template
      input:
        url: ./skeleton
        values:
          name: ${{ parameters.name }}
          description: ${{ parameters.description }}
          owner: ${{ parameters.owner }}
    - id: publish
      name: Publish to Gitea
      action: publish:gitea
      input:
        repoUrl: gitea.apps.lab.hibachi.ninja?owner=openshift-lab&repo=${{ parameters.name }}
        defaultBranch: master
        description: ${{ parameters.description }}
    - id: register
      name: Register in catalog
      action: catalog:register
      input:
        repoContentsUrl: ${{ steps.publish.output.repoContentsUrl }}
        catalogInfoPath: /catalog-info.yaml
  output:
    links:
      - title: Open in catalog
        icon: catalog
        entityRef: ${{ steps.register.output.entityRef }}
      - title: Source
        icon: git
        url: ${{ steps.publish.output.remoteUrl }}