Skip to content

Commit 31fcf81

Browse files
ingvagabundingvagabund
authored
Merge pull request #532 from ingvagabund/release-4.16
no-jira: Update the latest tekton changes
2 parents 93d9151 + e0e95f7 commit 31fcf81

4 files changed

+564
-60
lines changed

.tekton/kube-descheduler-operator-4-16-pull-request.yaml

Lines changed: 141 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ metadata:
66
build.appstudio.redhat.com/commit_sha: '{{revision}}'
77
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
88
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
9+
pipelinesascode.tekton.dev/cancel-in-progress: "true"
910
pipelinesascode.tekton.dev/max-keep-runs: "3"
1011
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch
1112
== "release-4.16"
@@ -44,7 +45,7 @@ spec:
4445
- name: name
4546
value: show-sbom
4647
- name: bundle
47-
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:945a7c9066d3e0a95d3fddb7e8a6992e4d632a2a75d8f3a9bd2ff2fef0ec9aa0
48+
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:002f7c8c1d2f9e09904035da414aba1188ae091df0ea9532cd997be05e73d594
4849
- name: kind
4950
value: task
5051
resolver: bundles
@@ -105,6 +106,11 @@ spec:
105106
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
106107
name: build-args-file
107108
type: string
109+
- default: "false"
110+
description: Whether to enable privileged mode, should be used only with remote
111+
VMs
112+
name: privileged-nested
113+
type: string
108114
- default:
109115
- linux/x86_64
110116
- linux/arm64
@@ -141,7 +147,7 @@ spec:
141147
- name: name
142148
value: init
143149
- name: bundle
144-
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:0523b51c28375a3f222da91690e22eff11888ebc98a0c73c468af44762265c69
150+
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:7a24924417260b7094541caaedd2853dc8da08d4bb0968f710a400d3e8062063
145151
- name: kind
146152
value: task
147153
resolver: bundles
@@ -162,7 +168,7 @@ spec:
162168
- name: name
163169
value: git-clone-oci-ta
164170
- name: bundle
165-
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:4bf48d038ff12d25bdeb5ab3e98dc2271818056f454c83d7393ebbd413028147
171+
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:8ecf57d5a6697ce709bee65b62781efe79a10b0c2b95e05576442b67fbd61744
166172
- name: kind
167173
value: task
168174
resolver: bundles
@@ -191,7 +197,7 @@ spec:
191197
- name: name
192198
value: prefetch-dependencies-oci-ta
193199
- name: bundle
194-
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.1@sha256:4072f732119864d12ec8e2ff075f01487aaee9df4440166dbe85fdd447865161
200+
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:d48c621ae828a3cbca162e12ec166210d2d77a7ba23b0e5d60c4a1b94491adeb
195201
- name: kind
196202
value: task
197203
resolver: bundles
@@ -226,6 +232,8 @@ spec:
226232
- $(params.build-args[*])
227233
- name: BUILD_ARGS_FILE
228234
value: $(params.build-args-file)
235+
- name: PRIVILEGED_NESTED
236+
value: $(params.privileged-nested)
229237
- name: SOURCE_ARTIFACT
230238
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
231239
- name: CACHI2_ARTIFACT
@@ -239,7 +247,7 @@ spec:
239247
- name: name
240248
value: buildah-remote-oci-ta
241249
- name: bundle
242-
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.2@sha256:389e6691834144113987cd669a6b510e47d2cee55332b940eeb06ce24a9a57a2
250+
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:6a5f714dd0c301ac421c232d2658e336b862681cf0bcbcbf01ef38d8969664e0
243251
- name: kind
244252
value: task
245253
resolver: bundles
@@ -268,7 +276,7 @@ spec:
268276
- name: name
269277
value: build-image-index
270278
- name: bundle
271-
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:a89c141c8d35b2e9d9904c92c9b128f7ccf36681adac7f7422b4537b8bb077e7
279+
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:462ecbf94ec44a8b770d6ef8838955f91f57ee79795e5c18bdc0fcb0df593742
272280
- name: kind
273281
value: task
274282
resolver: bundles
@@ -292,7 +300,7 @@ spec:
292300
- name: name
293301
value: source-build-oci-ta
294302
- name: bundle
295-
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.1@sha256:6686b885af277e7b912143a080d6af7a0372a12c33d66924bbd9bb1aa4d8d0dc
303+
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2@sha256:56fa2cbfc04bad4765b7fe1fa8022587f4042d4e8533bb5f65311d46b43226ee
296304
- name: kind
297305
value: task
298306
resolver: bundles
@@ -318,7 +326,7 @@ spec:
318326
- name: name
319327
value: deprecated-image-check
320328
- name: bundle
321-
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:5a1a165fa02270f0a947d8a2131ee9d8be0b8e9d34123828c2bef589e504ee84
329+
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:eb8136b543147b4a3e88ca3cc661ca6a11e303f35f0db44059f69151beea8496
322330
- name: kind
323331
value: task
324332
resolver: bundles
@@ -340,7 +348,7 @@ spec:
340348
- name: name
341349
value: clair-scan
342350
- name: bundle
343-
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:0a5421111e7092740398691d5bd7c125cc0896f29531d19414bb5724ae41692a
351+
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:7c73e2beca9b8306387efeaf775831440ec799b05a5f5c008a65bb941a1e91f6
344352
- name: kind
345353
value: task
346354
resolver: bundles
@@ -360,7 +368,7 @@ spec:
360368
- name: name
361369
value: ecosystem-cert-preflight-checks
362370
- name: bundle
363-
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.1@sha256:df8a25a3431a70544172ed4844f9d0c6229d39130633960729f825a031a7dea9
371+
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:dea8d9b4bec3e99d612d799798acf132df48276164b5193ea68f9f3c25ae425b
364372
- name: kind
365373
value: task
366374
resolver: bundles
@@ -386,7 +394,7 @@ spec:
386394
- name: name
387395
value: sast-snyk-check-oci-ta
388396
- name: bundle
389-
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.2@sha256:22ca2db8d94c689dba03d2c257733743cd118759d7af9a68fb08f54a27fd8460
397+
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:89aead32dc21404e4e0913be9668bdd2eea795db3e4caa762fb619044e479cb8
390398
- name: kind
391399
value: task
392400
resolver: bundles
@@ -408,7 +416,125 @@ spec:
408416
- name: name
409417
value: clamav-scan
410418
- name: bundle
411-
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.1@sha256:b4f450f1447b166da671f1d5819ab5a1485083e5c27ab91f7d8b7a2ff994c8c2
419+
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:59094118aa07d5b0199565c4e0b2d0f4feb9a4741877c8716877572e2c4804f9
420+
- name: kind
421+
value: task
422+
resolver: bundles
423+
when:
424+
- input: $(params.skip-checks)
425+
operator: in
426+
values:
427+
- "false"
428+
- name: sast-coverity-check
429+
params:
430+
- name: image-digest
431+
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
432+
- name: image-url
433+
value: $(tasks.build-image-index.results.IMAGE_URL)
434+
- name: IMAGE
435+
value: $(params.output-image)
436+
- name: DOCKERFILE
437+
value: $(params.dockerfile)
438+
- name: CONTEXT
439+
value: $(params.path-context)
440+
- name: HERMETIC
441+
value: $(params.hermetic)
442+
- name: PREFETCH_INPUT
443+
value: $(params.prefetch-input)
444+
- name: IMAGE_EXPIRES_AFTER
445+
value: $(params.image-expires-after)
446+
- name: COMMIT_SHA
447+
value: $(tasks.clone-repository.results.commit)
448+
- name: BUILD_ARGS
449+
value:
450+
- $(params.build-args[*])
451+
- name: BUILD_ARGS_FILE
452+
value: $(params.build-args-file)
453+
- name: SOURCE_ARTIFACT
454+
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
455+
- name: CACHI2_ARTIFACT
456+
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
457+
runAfter:
458+
- coverity-availability-check
459+
taskRef:
460+
params:
461+
- name: name
462+
value: sast-coverity-check-oci-ta
463+
- name: bundle
464+
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:a9a3c472624d0598c28aaa67319e74a807ac1948946002dd7b181d200e672b8b
465+
- name: kind
466+
value: task
467+
resolver: bundles
468+
when:
469+
- input: $(params.skip-checks)
470+
operator: in
471+
values:
472+
- "false"
473+
- input: $(tasks.coverity-availability-check.results.STATUS)
474+
operator: in
475+
values:
476+
- success
477+
- name: coverity-availability-check
478+
runAfter:
479+
- build-image-index
480+
taskRef:
481+
params:
482+
- name: name
483+
value: coverity-availability-check
484+
- name: bundle
485+
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:8b58c4fae00c0dfe3937abfb8a9a61aa3c408cca4278b817db53d518428d944e
486+
- name: kind
487+
value: task
488+
resolver: bundles
489+
when:
490+
- input: $(params.skip-checks)
491+
operator: in
492+
values:
493+
- "false"
494+
- name: sast-shell-check
495+
params:
496+
- name: image-digest
497+
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
498+
- name: image-url
499+
value: $(tasks.build-image-index.results.IMAGE_URL)
500+
- name: SOURCE_ARTIFACT
501+
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
502+
- name: CACHI2_ARTIFACT
503+
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
504+
runAfter:
505+
- build-image-index
506+
taskRef:
507+
params:
508+
- name: name
509+
value: sast-shell-check-oci-ta
510+
- name: bundle
511+
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:57b3262138eb06186ae7375f84ca53788bba2a66cfd03d39cb82c78df050aba5
512+
- name: kind
513+
value: task
514+
resolver: bundles
515+
when:
516+
- input: $(params.skip-checks)
517+
operator: in
518+
values:
519+
- "false"
520+
- name: sast-unicode-check
521+
params:
522+
- name: image-digest
523+
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
524+
- name: image-url
525+
value: $(tasks.build-image-index.results.IMAGE_URL)
526+
- name: SOURCE_ARTIFACT
527+
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
528+
- name: CACHI2_ARTIFACT
529+
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
530+
runAfter:
531+
- build-image-index
532+
taskRef:
533+
params:
534+
- name: name
535+
value: sast-unicode-check-oci-ta
536+
- name: bundle
537+
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:df185dbe4e2852668f9c46f938dd752e90ea9c79696363378435a6499596c319
412538
- name: kind
413539
value: task
414540
resolver: bundles
@@ -428,7 +554,7 @@ spec:
428554
- name: name
429555
value: apply-tags
430556
- name: bundle
431-
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.1@sha256:87fd7fc0e937aad1a8db9b6e377d7e444f53394dafde512d68adbea6966a4702
557+
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.1@sha256:3f89ba89cacf8547261b5ce064acce81bfe470c8ace127794d0e90aebc8c347d
432558
- name: kind
433559
value: task
434560
resolver: bundles
@@ -451,7 +577,7 @@ spec:
451577
- name: name
452578
value: push-dockerfile-oci-ta
453579
- name: bundle
454-
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:80d48a1b9d2707490309941ec9f79338533938f959ca9a207b481b0e8a5e7a93
580+
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:278f84550844c1c050a65536799f4b54e7c203e0ac51393aa75379dd974c82e9
455581
- name: kind
456582
value: task
457583
resolver: bundles
@@ -468,7 +594,7 @@ spec:
468594
- name: name
469595
value: rpms-signature-scan
470596
- name: bundle
471-
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:8f3b23bf1b0ef55cc79d28604d2397a0101ac9c0c42ae26e26532eb2778c801b
597+
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:297c2d8928aa3b114fcb1ba5d9da8b10226b68fed30706e78a6a5089c6cd30e3
472598
- name: kind
473599
value: task
474600
resolver: bundles

0 commit comments

Comments
 (0)