fix: remove docker

.build/build.yaml

@@ -4,7 +4,6 @@ spec:
   workspaces:
   - name: source
   - name: source-tkn
-  - name: source-git-init
   - name: cache
   tasks:
     ### security scan
@@ -440,95 +439,6 @@ spec:
         - name: tool-image
           value: registry.alauda.cn:60080/devops/builder-go:latest
 
-    # clone git-init
-    - name: clone-git-init
-      timeout: 30m
-      retries: 1
-      taskRef:
-        kind: ClusterTask
-        name: alauda-git-clone
-      workspaces:
-        - name: source
-          workspace: source-git-init
-      params:
-        - name: url
-          value: "https://github.com/tektoncd-catalog/git-clone.git"
-        - name: revision
-          # this component is not released yet, so use the latest commit
-          # value: "refs/heads/main"
-          value: "b33cc3e770a41900b59c197412c0c8ab9fa5a026"
-    # modify the .ko.yaml
-    - name: modify-git-init-koyaml
-      timeout: 30m
-      retries: 1
-      taskRef:
-        kind: ClusterTask
-        name: run-script
-      workspaces:
-        - name: source
-          workspace: source-git-init
-      runAfter:
-        - clone-git-init
-      params:
-        - name: tool-image
-          value: registry.alauda.cn:60080/devops/builder-go:latest
-        - name: command
-          value: |
-            # copy files to kodata, avoid next step build error
-            rm -rf image/git-init/kodata/LICENSE image/git-init/kodata/third_party
-            cp -rf LICENSE image/git-init/kodata/
-
-            export GOPROXY=https://build-nexus.alauda.cn/repository/golang/,https://goproxy.cn,direct
-            export CGO_ENABLED=0
-            export GONOSUMDB=*
-
-            # modify th go.mod to fix vuln
-            cd image/git-init/
-            go get golang.org/x/net@v0.40.0
-            go get google.golang.org/grpc@v1.56.3
-            go get google.golang.org/protobuf@v1.33.0
-            go mod tidy
-            go mod vendor
-
-            cat <<EOF > .ko.yaml
-            defaultBaseImage: build-harbor.alauda.cn/ops/distroless-static-nonroot:20220806
-            baseImageOverrides:
-              # git-init uses a base image that includes Git, and supports running either
-              # as root or as user nonroot with UID 65532.
-              # image is from: https://gitlab-ce.alauda.cn/ops/edge-devops-task/blob/master/images/chainguard/git/Dockerfile
-              github.com/tektoncd-catalog/git-clone/git-init: build-harbor.alauda.cn/devops/nonroot/chainguard/git@sha256:b89a071b7d5ddf5524d6ce8ed39dcfcf415c88447a667447c0b694a148f2b184
-            EOF
-
-    ## ko publish image
-    - name: build-git-init
-      timeout: 30m
-      retries: 1
-      taskRef:
-        kind: ClusterTask
-        name: alauda-ko-build
-      workspaces:
-        - name: source
-          subPath: image/git-init
-          workspace: source-git-init
-        - name: cache
-          workspace: cache
-      runAfter:
-        - oss-version
-        - modify-git-init-koyaml
-      params:
-        - name: verbose
-          value: "false"
-        - name: ko-version
-          value: "0.15.1"
-        - name: import-path
-          value: "github.com/tektoncd-catalog/git-clone/git-init"
-        - name: container-image
-          value: "build-harbor.alauda.cn/devops/tektoncd/pipeline/cmd/git-init"
-        - name: container-image-tag
-          value: v$(tasks.oss-version.results.oss-version)-$(tasks.oss-version.results.commit-short-id)
-        - name: tool-image
-          value: registry.alauda.cn:60080/devops/builder-go:latest
-
     #################
     # code-scan
     #################
@@ -649,38 +559,6 @@ spec:
             - db.skip-update=false
             - db.repository=build-harbor.alauda.cn/ops/aquasecurity/trivy-db
 
-    - name: trivy-scan-git-init
-      timeout: 30m
-      retries: 1
-      taskRef:
-        resolver: katanomi.hub
-        params:
-          - name: kind
-            value: task
-          - name: name
-            value: trivy-image-scan
-      workspaces:
-        - name: source
-          workspace: source
-        - name: cache
-          workspace: cache
-      when:
-      - input: $(build.git.revision.type)
-        operator: in
-        values:
-        - "PullRequest"
-      params:
-        - name: targets
-          value:
-            - $(tasks.build-git-init.results.ociContainerImageBuild-url)
-        - name: quality-gate-rules
-          value:
-            - severity=Critical
-        - name: scan-flags
-          value:
-            - db.skip-update=false
-            - db.repository=build-harbor.alauda.cn/ops/aquasecurity/trivy-db
-
   #################
   # runTemplate
   #################
@@ -690,14 +568,6 @@ spec:
       - name: cache
         persistentVolumeClaim:
           claimName: build-cache
-      - name: source-git-init
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-              - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1000Mi
       - name: source-tkn
         volumeClaimTemplate:
           spec:
@@ -753,26 +623,6 @@ spec:
                 requests:
                   cpu: 50m
                   memory: 50Mi
-        - pipelineTaskName: build-git-init
-          stepOverrides:
-            - name: build
-              resources:
-                requests:
-                  cpu: "4"
-                  memory: "4Gi"
-                limits:
-                  cpu: "6"
-                  memory: "6Gi"
-        - pipelineTaskName: modify-git-init-koyaml
-          stepOverrides:
-            - name: run
-              resources:
-                requests:
-                  cpu: "500m"
-                  memory: "512Mi"
-                limits:
-                  cpu: "1"
-                  memory: "1Gi"
         - pipelineTaskName: modify-tkn-koyaml
           stepOverrides:
             - name: run

DEVELOPMENT.md

@@ -13,7 +13,7 @@ First, you may want to [Ramp up](#ramp-up) on Kubernetes and Custom Resource Def
 1. [Building and deploying](#building-and-deploying) Tekton source code from a local clone.
     1. [Setup a Kubernetes cluster](#setup-a-kubernetes-cluster)
     1. [Configure kubectl to use your cluster](https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/)
-    1. [Set up a docker repository 'ko' can push images to](https://github.com/knative/serving/blob/4a8c859741a4454bdd62c2b60069b7d05f5468e7/docs/setting-up-a-docker-registry.md)
+    1. [Set up a registry repository 'ko' can push images to](https://github.com/knative/serving/blob/4a8c859741a4454bdd62c2b60069b7d05f5468e7/docs/setting-up-a-registry-registry.md)
 1. [Developing and testing](#developing-and-testing) Tekton pipelines
     1. Learn how to [iterate](#iterating-on-code-changes) on code changes
     1. [Managing Tekton Objects using `ko`](#managing-tekton-objects-using-ko) in Kubernetes
@@ -110,7 +110,7 @@ To [build, deploy and run your Tekton Objects with `ko`](#install-pipeline), you
 
     If it is not set, `ko` infers the location by effectively using `go env GOROOT`.
 
-1. `KO_DOCKER_REPO`: The docker repository to which developer images should be pushed.
+1. `KO_DOCKER_REPO`: The registry repository to which developer images should be pushed.
 For example:
     - Using **Google Container Registry (GCR)**:
 
@@ -119,14 +119,14 @@ For example:
         export KO_DOCKER_REPO='gcr.io/my-gcloud-project-name'
         ```
 
-    - Using **Docker Desktop** (Docker Hub):
+    - Using **Desktop Registry** (registry hub):
 
         ```shell
-        # format: 'docker.io/${DOCKER_HUB_USERNAME}'
-        export KO_DOCKER_REPO='docker.io/my-dockerhub-username'
+        # format: 'registry.example.com/${REGISTRY_USERNAME}'
+        export KO_DOCKER_REPO='registry.example.com/my-username'
         ```
 
-    - You can also [host your own Docker Registry server](https://docs.docker.com/registry/deploying/) and reference it:
+    - You can also [host your own registry server](https://distribution.github.io/distribution/) and reference it:
 
         ```shell
         # format: ${localhost:port}/{}
@@ -189,18 +189,18 @@ Depending on your chosen container registry that you set in the `KO_DOCKER_REPO`
 
 <!-- TODO: Need instructions for MiniKube -->
 
-#### Using Docker Desktop (Docker Hub)
+#### Using registry Desktop (registry Hub)
 
-Docker Desktop provides seamless integration with both a local (default) image registry as well as Docker Hub remote registries.  To use Docker Hub registries with `ko`, all you need do is to configure Docker Desktop with your Docker ID and password in its dashboard.
+registry Desktop provides seamless integration with both a local (default) image registry as well as registry Hub remote registries.  To use registry Hub registries with `ko`, all you need do is to configure registry Desktop with your registry ID and password in its dashboard.
 
 #### Using Google Container Registry (GCR)
 If using GCR with `ko`, make sure to configure
-[authentication](https://cloud.google.com/container-registry/docs/advanced-authentication#standalone_docker_credential_helper)
+[authentication](https://cloud.google.com/container-registry/docs/advanced-authentication#standalone_registry_credential_helper)
 for your `KO_DOCKER_REPO` if required. To be able to push images to
 `gcr.io/<project>`, you need to run this once:
 
 ```shell
-gcloud auth configure-docker
+gcloud auth configure-registry
 ```
 
 To be able to pull images from `gcr.io/<project>`, please follow the instructions [here](https://cloud.google.com/container-registry/docs/access-control#grant) to configure IAM policies for the services that will pull iamges from your GCR. 
@@ -221,18 +221,18 @@ is in a different project than your GCR registry, you will need to provide the T
 controller and webhook service accounts with GCR credentials.
 See documentation on [using GCR with GKE](https://cloud.google.com/container-registry/docs/using-with-google-cloud-platform#gke)
 for more information.
-To do this, create a secret for your docker credentials and reference this secret from the controller and webhook service accounts,
+To do this, create a secret for your registry credentials and reference this secret from the controller and webhook service accounts,
 as follows.
 
 1. Create a secret, for example:
 
     ```yaml
     kubectl create secret generic ${SECRET_NAME} \
-    --from-file=.dockerconfigjson=<path/to/.docker/config.json> \
+    --from-file=.dockerconfigjson=<path/to/.registry/config.json> \
     --type=kubernetes.io/dockerconfigjson \
     --namespace=tekton-pipelines
     ```
-   See [Configuring authentication for Docker](./docs/auth.md#configuring-authentication-for-docker)
+   See [Configuring authentication for registry](./docs/auth.md#configuring-authentication-for-registry)
    for more detailed information on creating secrets containing registry credentials.
 
 2. Update the `tekton-pipelines-controller` and `tekton-pipelines-webhook` service accounts
@@ -284,7 +284,7 @@ The recommended minimum development configuration is:
 [Kind](https://kind.sigs.k8s.io/) is a great tool for working with Kubernetes clusters locally. It is particularly useful to quickly test code against different cluster [configurations](https://kind.sigs.k8s.io/docs/user/quick-start/#advanced).
 
 1. Install [required tools](./DEVELOPMENT.md#install-tools) (note: may require a newer version of Go).
-2. Install [Docker](https://www.docker.com/get-started).
+2. Install [registry](https://www.registry.com/get-started).
 3. Create cluster:
 
    ```sh
@@ -304,9 +304,9 @@ optional: As a convenience, the [Tekton plumbing project](https://github.com/tek
 
 - Follow the instructions for [running locally with Minikube](docs/developers/local-setup.md#using-minikube)
 
-#### Using Docker Desktop
+#### Using registry Desktop
 
-- Follow the instructions for [running locally with Docker Desktop](docs/developers/local-setup.md#using-docker-desktop)
+- Follow the instructions for [running locally with registry Desktop](docs/developers/local-setup.md#using-registry-desktop)
 
 #### Using GKE
 

docs/additional-configs.md

@@ -516,18 +516,18 @@ The following checks were performed on each of these signatures:
 {
   "Critical": {
     "Identity": {
-      "docker-reference": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller"
+      "registry-reference": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller"
     },
     "Image": {
-      "Docker-manifest-digest": "sha256:0c320bc09e91e22ce7f01e47c9f3cb3449749a5f72d5eaecb96e710d999c28e8"
+      "registry-manifest-digest": "sha256:0c320bc09e91e22ce7f01e47c9f3cb3449749a5f72d5eaecb96e710d999c28e8"
     },
     "Type": "Tekton container signature"
   },
   "Optional": {}
 }
 ```
 
-The verification shows a list of checks performed and returns the digest in `Critical.Image.Docker-manifest-digest`
+The verification shows a list of checks performed and returns the digest in `Critical.Image.registry-manifest-digest`
 which can be used to retrieve the provenance from the transparency logs for that image using `rekor-cli`.
 
 ### Verify the transparency logs using `rekor-cli`
@@ -539,7 +539,7 @@ go install -v github.com/sigstore/rekor/cmd/rekor-cli@latest
 ```
 
 Now, use the digest collected from the previous [section](#verify-signatures-using-cosign) in
-`Critical.Image.Docker-manifest-digest`, for example,
+`Critical.Image.registry-manifest-digest`, for example,
 `sha256:0c320bc09e91e22ce7f01e47c9f3cb3449749a5f72d5eaecb96e710d999c28e8`.
 
 Search the transparency log with the digest just collected: