feat(ISV-5783): Use new SBOM generation workflow

[jedinym]

With the refactoring of the SBOM generation process (konflux-ci/release-service-utils#418, konflux-ci/release-service-utils#415, konflux-ci/release-service-utils#399), we can simplify the rh-advisories pipeline.

The SBOM generation task are now only dependent on apply-mapping.

Changes

• The populate-release-notes Task no longer generates data used to generate SBOMs.
• The push-rpm-data-to-pyxis Task no longer exports a result with the SBOM directory.
• The update-component-sbom Task is no longer dependent on populate-release-notes and push-rpm-data-to-pyxis.
• The create-product-sbom Task is no longer dependent on populate-release-notes.

Relevant Jira

https://issues.redhat.com/browse/ISV-5783

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[jedinym]

/ok-to-test

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

@konflux-ci/release-service-maintainers The E2E tests are not cooperating, could you please take a look in the meantime?

[mmalina]

@konflux-ci/release-service-maintainers The E2E tests are not cooperating, could you please take a look in the meantime?

I will review later today. Meanwhile, Scott merged another PR that changed the pipeline, so you will need to resolve conflicts (likely just the version and readme).

[mmalina]

A few small comments, but overall it looks good.

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

/retest

[jedinym]

Blocked by konflux-ci/release-service-utils#436

[jedinym]

@konflux-ci/release-service-maintainers Once the release-service-utils release is resolved, this PR is ready to merge. It's important for us that we get this into staging today.

[johnbieren]

@konflux-ci/release-service-maintainers Once the release-service-utils release is resolved, this PR is ready to merge. It's important for us that we get this into staging today.

You don't even have passing unit tests

[jedinym]

@konflux-ci/release-service-maintainers could you please try rerunning the GH actions?

[mmalina]

@konflux-ci/release-service-maintainers could you please try rerunning the GH actions?

Triggered now. I noticed these issues with github assigning runners elsewhere too.

[johnbieren]

Noting that this has passing e2e right now so once the README thing is fixed and it is rebased, we should be able to merge without e2e

[johnbieren]

Can you squash the commits when you rebase?

[mmalina]

LGTM, once Johnny's remaining thread is addressed.

[johnbieren]

Merging without waiting for e2e, as it had passing e2e and only a text file changed