Skip to main content

How to Manage Trigger Owner Verification in Tekton?

Tekton provides a feature to control which commits can trigger Tekton pipelines, enhancing security by preventing the execution of potentially harmful scripts from unauthorized contributors. This is achieved through the use of Tekton Interceptors, which verify whether the individual initiating a pull request is an owner of the repository (i.e., has write access) before permitting pipeline execution. For more details consult official GitHub documentation.

This functionality is enabled by default. To disable it, you need to update the relevant flag in the values.yaml file during the installation of Tekton.

values.yaml
githubOwners:
  enabled: false