Officialv1.0.03 scenarios
Tekton
Tekton pipeline guidance for credentials, finally tasks, and shared-workspace safety.
deploywhisper skill install tekton
How to use this skill
1. Install it locally
Use the install command above from any DeployWhisper app checkout that has the installer enabled.
2. Run analysis on matching artifacts
This skill activates when files or content patterns below are detected during analysis.
3. Verify behavior
Published registry data currently includes 3 deterministic scenarios for this skill.
Metadata
Author
DeployWhisper
Version
1.0.0
License
MIT
Scenarios
3
Tags
Triggers
- pipeline.yaml
- pipelinerun.yaml
- task.yaml
Content patterns
- tekton.dev/
Guidance excerpt
Critical risk patterns
- Mounting shared credentials into every task leaks secrets far beyond the intended build step = HIGH
- Changes to `finally` tasks can skip cleanup, approval, or promotion gates = HIGH
- Shared PVC workspaces across concurrent runs create artifact races and nondeterministic builds = MEDIUM
- Floating task image tags change pipeline behavior outside code review = HIGH
Review cues
- Review credential scope, shared workspace usage, and finally-task behavior together for Tekton changes.
- Prefer deterministic roll-forward or rollback steps over hand-wavy remediation notes.