Merge branch '31-tekton-pipelinerun-and-taskrun-pruning' into 'main'

Resolve "Tekton PipelineRun and TaskRun pruning"

Closes #31

See merge request pct-security/covscanrest!21

hack/sample-pssaas-big.json

@@ -0,0 +1,45 @@
+{
+    "product-id": "jochrist-dev-test-rhbq",
+    "is-managed-service": false,
+    "cpaas-version": "latest",
+    "component-list":[
+    {"build-id":"AZ2HRIN2S7AAC","type":"pnc"},
+    {"build-id":"AZ2JABY727AAA","type":"pnc"},
+    {"build-id":"AZ2JRSQZC7AAC","type":"pnc"},
+    {"build-id":"AZ2Z2WLAK7AAC","type":"pnc"},
+    {"build-id":"AZ4AMGCV27AAC","type":"pnc"},
+    {"build-id":"AZ4A5CSJC7AAC","type":"pnc"},
+    {"build-id":"AZ4B7LCNC7AAC","type":"pnc"},
+    {"build-id":"AZ4CLXF4K7AAC","type":"pnc"},
+    {"build-id":"AZ4CMZK6S7AAC","type":"pnc"},
+    {"build-id":"AZ4C62YEC7AAC","type":"pnc"},
+    {"build-id":"AZ4DGFNK27AAC","type":"pnc"},
+    {"build-id":"AZ4DIMTNS7AAC","type":"pnc"},
+    {"build-id":"AZ4KSFVIC7AAC","type":"pnc"},
+    {"build-id":"AZ4VFB7XK7AAC","type":"pnc"},
+    {"build-id":"AZ4WLXXFC7AAC","type":"pnc"},
+    {"build-id":"AZ5JPS7SK7AAC","type":"pnc"},
+    {"build-id":"AZ5LC7M327AAC","type":"pnc"},
+    {"build-id":"AZ5LQCKAC7AAC","type":"pnc"},
+    {"build-id":"AZ5LW6NGS7AAC","type":"pnc"},
+    {"build-id":"AZ5MHDELK7AAC","type":"pnc"},
+    {"build-id":"AZ5ONFXEC7AAC","type":"pnc"},
+    {"build-id":"AZ5P2MUBK7AAC","type":"pnc"},
+    {"build-id":"AZ5QJ7VPK7AAC","type":"pnc"},
+    {"build-id":"AZ5RPXHM27AAC","type":"pnc"},
+    {"build-id":"AZ5SRVAG27AAC","type":"pnc"},
+    {"build-id":"AZ56V4B4K7AAC","type":"pnc"},
+    {"build-id":"AZ5642PZS7AAC","type":"pnc"},
+    {"build-id":"AZ6ATGHXC7AAC","type":"pnc"},
+    {"build-id":"AZ6XRDLCS7AAC","type":"pnc"},
+    {"build-id":"AZ6YYPCZK7AAC","type":"pnc"},
+    {"build-id":"AZ62QFTQ27AAC","type":"pnc"},
+    {"build-id":"AZ65EUXBC7AAC","type":"pnc"},
+    {"build-id":"AZ65VXKKC7AAC","type":"pnc"},
+    {"build-id":"A2ARB7X3S7AAC","type":"pnc"},
+    {"build-id":"A2ARDJ7MS7AAC","type":"pnc"},
+    {"build-id":"A2ARENQ4S7AAC","type":"pnc"},
+    {"build-id":"A2ARFRPLC7AAC","type":"pnc"}
+    ]
+}
+

k8s/stage/osh-client-tekton/tekton-cleanup-cronjob.yaml

@@ -0,0 +1,23 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: tekton-terminator
+  namespace: pct-security-tooling
+spec:
+  schedule: "*/50 * * * *"
+  concurrencyPolicy: Forbid
+  backoffLimit: 2
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          serviceAccountName: osh-wrapper-tekton-terminator-sa
+          containers:
+          - name: tekton-cleanup
+            image: quay.io/openshift-pipeline/openshift-pipelines-cli-tkn:1.11
+            imagePullPolicy: IfNotPresent
+            command:
+            - /bin/sh
+            - -c
+            - tkn pipelinerun delete --keep 10 -f && tkn taskrun delete --keep 40 -f
+          restartPolicy: Never

k8s/stage/osh-client-tekton/tekton-terminator-sa-rbac.yaml

@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: pct-security-tooling
+  name: osh-wrapper-tekton-terminator-sa
+  labels: 
+    app.kubernetes.io/name: osh-wrapper-tekton-terminator
+    env: stage
+imagePullSecrets:
+  - name: pct-security-osh-wrapper-client-pull-secret
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: osh-wrapper-tekton-terminator
+  labels:
+    app.kubernetes.io/component: tekton
+  namespace: pct-security-tooling
+rules:
+- apiGroups:
+  - tekton.dev
+  resources:
+  - taskruns
+  - pipelineruns
+  verbs:
+  - get
+  - list
+  - delete
+  - update
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: osh-wrapper-tekton-terminator-rolebinding
+  namespace: pct-security-tooling
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: osh-wrapper-tekton-terminator
+subjects:
+- kind: ServiceAccount
+  name: osh-wrapper-tekton-terminator-sa
+