diff --git a/src/main/java/rest/TektonPipeline.java b/src/main/java/rest/TektonPipeline.java
new file mode 100644
index 0000000..72d379b
--- /dev/null
+++ b/src/main/java/rest/TektonPipeline.java
@@ -0,0 +1,68 @@
+package rest;
+
+import javax.inject.Inject;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+
+import io.fabric8.tekton.client.TektonClient;
+import io.fabric8.tekton.pipeline.v1beta1.ArrayOrString;
+import io.fabric8.tekton.pipeline.v1beta1.Param;
+import io.fabric8.tekton.pipeline.v1beta1.TaskRun;
+import io.fabric8.tekton.pipeline.v1beta1.TaskRunBuilder;
+
+public class TektonPipeline {
+
+    public static final String NAMESPACE = "pct-security-tooling";
+    public static final String BUILD_ID = "buildId";
+    public static final String SCAN_PROFILE = "scanProfile";
+    public static final String TASK_REFERENCE = "osh-scan-task";
+    public static final String SERVICE_ACCOUNT = "osh-wrapper-client-sa";
+
+    @Inject
+    TektonClient tektonClient;
+
+    public String listPipelines() {
+        
+        List<String> pipelineList = new ArrayList<>();
+            
+            tektonClient.v1beta1().pipelines()
+            .inNamespace(NAMESPACE)
+            .list()
+            .getItems()
+            .forEach(p -> pipelineList.add(p.getMetadata().getName()));
+
+        return pipelineList.toString();
+    }
+
+    public String invokeScanTask(String buildId) {
+        // String buildId = "xterm-366-8.el9";
+        String scanProfile = "snyk-only-unstable";
+        
+        // random taskrun name generating for now
+        TaskRun taskRun = new TaskRunBuilder().withNewMetadata().withName("osh-scan-taskrun-" + RandomStringUtils.randomAlphanumeric(8).toLowerCase())
+                    .endMetadata()
+                    .withNewSpec()
+                    .withServiceAccountName(SERVICE_ACCOUNT)
+                    .withNewTaskRef()
+                    .withName(TASK_REFERENCE)
+                    .endTaskRef()
+                    .withParams(
+                            new Param("buildId", new ArrayOrString(buildId)),
+                            new Param("scanProfile", new ArrayOrString(scanProfile)))
+                    .endSpec()
+                    .build();
+
+        tektonClient.v1beta1().taskRuns().inNamespace(NAMESPACE).resource(taskRun).create();           
+        
+
+        return "Scan invoked";
+    }
+
+}