Getting started with Enterprise Contract & Konflux CI

Creating an application

If you don’t already have an application defined in Konflux, follow the getting started guide here. Once that’s done you should have an application with at least one component.

To get the most out of Enterprise Contract it’s recommended that you also upgrade to a custom build pipeline as described here.

Creating an integration test

To run the Enterprise Contract pipeline automatically after each build, an integration test is used. One should be automatically created when a new application is created. The process of recreating it manually is described here.

You can view the definitions of the Enterprise Contract pipeline and the Enterprise Contract task.
If you prefer to pin the pipeline bundle to a particular version instead of using the devel tag, use one of the pinned tags visible here. Note that the name of the tag matches a commit SHA in the build-definitions repo. For more secure pinning, you can also reference the bundle by its container image digest.
In the future it will be possible to use a git resolver to specify the pipeline definition in its git repo instead of as a Tekton bundle image reference. It’s expected this will become the preferred way to specify the integration test pipeline.
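
The pinning options above differ in strength: a tag can later be moved to different content, while a digest identifies exactly one image. The following check is an added example, not part of the Konflux or Enterprise Contract tooling, that classifies a bundle reference accordingly. The image names are constructed, and treating a pinned tag as a full 40-character hex commit SHA is an assumption.

```python
import re

DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")
# Assumption: a pinned tag is a full 40-hex git commit SHA.
COMMIT_TAG_RE = re.compile(r"^[0-9a-f]{40}$")


def split_ref(ref):
    """Split an image reference into (name, tag, digest)."""
    name, _, digest = ref.partition("@")
    # A ':' separates a tag only when it comes after the last '/'.
    # Before that it is a registry port, e.g. registry.example:5000/repo.
    last_slash = name.rfind("/")
    colon = name.rfind(":")
    tag = None
    if colon > last_slash:
        name, tag = name[:colon], name[colon + 1:]
    return name, tag, digest or None


def classify(ref):
    """Return 'digest', 'commit-tag', 'floating' or 'invalid-digest'."""
    _, tag, digest = split_ref(ref)
    if digest is not None:
        # A digest takes precedence over any tag that is also present.
        return "digest" if DIGEST_RE.match(digest) else "invalid-digest"
    if tag is not None and COMMIT_TAG_RE.match(tag):
        return "commit-tag"   # pinned by convention, but the tag is still movable
    return "floating"         # devel, latest, or no tag at all


def not_digest_pinned(refs):
    """List the references that could resolve to different content later."""
    return [r for r in refs if classify(r) != "digest"]


if __name__ == "__main__":
    # Constructed sample references, not real Konflux bundle names.
    base = "registry.example:5000/ci/ec-pipeline"
    samples = [
        base + ":devel",
        base + ":0123456789abcdef0123456789abcdef01234567",
        base + "@sha256:" + "a" * 64,
    ]
    for ref in samples:
        print(classify(ref), ref)
```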

Viewing Enterprise Contract results

With the Enterprise Contract integration test created, each successful build pipeline run will trigger an integration test pipeline run. You can find the integration test pipeline runs by clicking the integration test under the "Integration Tests" tab.

The Enterprise Contract results can be seen under the "Security" tab. For example, this shows a passing Enterprise Contract test:

Figure 1. Enterprise Contract results in the "Security" tab

The raw output from the Enterprise Contract task is YAML formatted and can be seen in the pipeline run logs, particularly under the "STEP-REPORT" heading:

Figure 2. Raw Enterprise Contract results in the task log