Skip to content

Commit 9bef7f9

Browse files
ingvagabundingvagabund
authored
Merge pull request #631 from ricardomaraschini/update-tekton-pipelines-4.20-bundle
chore: update bundle tekton pipelines for release 4.20
2 parents 2fc260d + 6c422a5 commit 9bef7f9

File tree

2 files changed

+48
-46
lines changed

2 files changed

+48
-46
lines changed

.tekton/kube-descheduler-operator-bundle-4-20-pull-request.yaml

Lines changed: 24 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ spec:
3333
description: |
3434
This pipeline is ideal for building container images from a Containerfile while maintaining trust after pipeline customization.
3535
36-
_Uses `buildah` to create a container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
36+
_Uses `buildah` to create a container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
3737
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-oci-ta?tab=tags)_
3838
finally:
3939
- name: show-sbom
@@ -45,7 +45,7 @@ spec:
4545
- name: name
4646
value: show-sbom
4747
- name: bundle
48-
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:002f7c8c1d2f9e09904035da414aba1188ae091df0ea9532cd997be05e73d594
48+
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:beb0616db051952b4b861dd8c3e00fa1c0eccbd926feddf71194d3bb3ace9ce7
4949
- name: kind
5050
value: task
5151
resolver: bundles
@@ -90,6 +90,7 @@ spec:
9090
description: Image tag expiration time, time values could be something like
9191
1h, 2d, 3w for hours, days, and weeks, respectively.
9292
name: image-expires-after
93+
type: string
9394
- default: "true"
9495
description: Build a source image.
9596
name: build-source-image
@@ -138,7 +139,7 @@ spec:
138139
- name: name
139140
value: init
140141
- name: bundle
141-
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:66e90d31e1386bf516fb548cd3e3f0082b5d0234b8b90dbf9e0d4684b70dbe1a
142+
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:08e18a4dc5f947c1d20e8353a19d013144bea87b72f67236b165dd4778523951
142143
- name: kind
143144
value: task
144145
resolver: bundles
@@ -159,7 +160,7 @@ spec:
159160
- name: name
160161
value: git-clone-oci-ta
161162
- name: bundle
162-
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:0fea1e4bd2fdde46c5b7786629f423a51e357f681c32ceddd744a6e3d48b8327
163+
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:be82c55346e8810bd1edc5547f864064da6945979baccca7dfc99990b392a02b
163164
- name: kind
164165
value: task
165166
resolver: bundles
@@ -188,7 +189,7 @@ spec:
188189
- name: name
189190
value: prefetch-dependencies-oci-ta
190191
- name: bundle
191-
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:adbd819c6b727ac0c5519475d174dcad64cfa8df6ee50acd58f7fb562c59d4f7
192+
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:125aea525bcdb31ff86cb37d56e3d8369587ead48da3bc454d4344682724ca54
192193
- name: kind
193194
value: task
194195
resolver: bundles
@@ -231,7 +232,7 @@ spec:
231232
- name: name
232233
value: buildah-oci-ta
233234
- name: bundle
234-
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:09f012a6c726c66922703f28846a3cfa196e8a391729192cda0d8f8a757b6ff5
235+
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:653b4d9f00250abdc57ca277b8dbb91b50c976d38eda00be7cd97af639678f6e
235236
- name: kind
236237
value: task
237238
resolver: bundles
@@ -260,7 +261,7 @@ spec:
260261
- name: name
261262
value: build-image-index
262263
- name: bundle
263-
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:9c95b1fe17db091ae364344ba2006af46648e08486eef1f6fe1b9e3f10866875
264+
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:72f77a8c62f9d6f69ab5c35170839e4b190026e6cc3d7d4ceafa7033fc30ad7b
264265
- name: kind
265266
value: task
266267
resolver: bundles
@@ -272,7 +273,9 @@ spec:
272273
- name: build-source-image
273274
params:
274275
- name: BINARY_IMAGE
275-
value: $(params.output-image)
276+
value: $(tasks.build-image-index.results.IMAGE_URL)
277+
- name: BINARY_IMAGE_DIGEST
278+
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
276279
- name: SOURCE_ARTIFACT
277280
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
278281
- name: CACHI2_ARTIFACT
@@ -284,7 +287,7 @@ spec:
284287
- name: name
285288
value: source-build-oci-ta
286289
- name: bundle
287-
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2@sha256:c5e56643c0f5e19409e86c8fd4de4348413b6f10456aa0875498d5c63bf6ef0e
290+
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:bfec1fabb0ed7c191e6c85d75e6cc577a04cabe9e6b35f9476529e8e5b3c0c82
288291
- name: kind
289292
value: task
290293
resolver: bundles
@@ -310,7 +313,7 @@ spec:
310313
- name: name
311314
value: deprecated-image-check
312315
- name: bundle
313-
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:ecd33669676b3a193ff4c2c6223cb912cc1b0cf5cc36e080eaec7718500272cf
316+
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:f485ef8bfdaf6e6d8d7795eb2e25f9c5ee8619d52220f4d64b5e28078d568c89
314317
- name: kind
315318
value: task
316319
resolver: bundles
@@ -332,7 +335,7 @@ spec:
332335
- name: name
333336
value: clair-scan
334337
- name: bundle
335-
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:68a8fe28527c4469243119a449e2b3a6655f2acac589c069ea6433242da8ed4d
338+
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:417f44117f8d87a4a62fea6589b5746612ac61640b454dbd88f74892380411f2
336339
- name: kind
337340
value: task
338341
resolver: bundles
@@ -352,7 +355,7 @@ spec:
352355
- name: name
353356
value: ecosystem-cert-preflight-checks
354357
- name: bundle
355-
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:8a2d3ce9205df1f59f410529cb38134336e0a4b06ee1187b3229f26c80ecc5ba
358+
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:f99d2bdb02f13223d494077a2cde31418d09369f33c02134a8e7e5fad2f61eda
356359
- name: kind
357360
value: task
358361
resolver: bundles
@@ -378,7 +381,7 @@ spec:
378381
- name: name
379382
value: sast-snyk-check-oci-ta
380383
- name: bundle
381-
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:9a6ec5575f80668552d861e64414e736c85af772c272ca653a6fd1ec841d2627
384+
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:fe5e5ba3a72632cd505910de2eacd62c9d11ed570c325173188f8d568ac60771
382385
- name: kind
383386
value: task
384387
resolver: bundles
@@ -400,7 +403,7 @@ spec:
400403
- name: name
401404
value: clamav-scan
402405
- name: bundle
403-
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:386c8c3395b44f6eb927dbad72382808b0ae42008f183064ca77cb4cad998442
406+
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.3@sha256:cce2dfcc5bd6e91ee54aacdadad523b013eeae5cdaa7f6a4624b8cbcc040f439
404407
- name: kind
405408
value: task
406409
resolver: bundles
@@ -445,7 +448,7 @@ spec:
445448
- name: name
446449
value: sast-coverity-check-oci-ta
447450
- name: bundle
448-
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:7c845b10d257b874f645ea30deeff3c1ce2b38e7b6e331564f32c8684f41b520
451+
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:5f81372e21a3c6f4a745b723e444b6eb81a11bdff8740e0ce4b96ad42924e45e
449452
- name: kind
450453
value: task
451454
resolver: bundles
@@ -466,7 +469,7 @@ spec:
466469
- name: name
467470
value: coverity-availability-check
468471
- name: bundle
469-
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:8b58c4fae00c0dfe3937abfb8a9a61aa3c408cca4278b817db53d518428d944e
472+
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:db2b267dc15e4ed17f704ee91b8e9b38068e1a35b1018a328fdca621819d74c6
470473
- name: kind
471474
value: task
472475
resolver: bundles
@@ -492,7 +495,7 @@ spec:
492495
- name: name
493496
value: sast-shell-check-oci-ta
494497
- name: bundle
495-
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:60a7ee6ec5d00920389f03befd328cdaa159b7122a94ff3c87da287e0f32420f
498+
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:bf7bdde00b7212f730c1356672290af6f38d070da2c8a316987b5c32fd49e0b9
496499
- name: kind
497500
value: task
498501
resolver: bundles
@@ -518,7 +521,7 @@ spec:
518521
- name: name
519522
value: sast-unicode-check-oci-ta
520523
- name: bundle
521-
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:9613b9037e4199495800c2054c13d0479e3335ec94e0f15f031a5bce844003a9
524+
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:3f99dc4634a62e1530324cd565d12323ca82be3cfa8a031a36b210becfa7b552
522525
- name: kind
523526
value: task
524527
resolver: bundles
@@ -529,8 +532,6 @@ spec:
529532
- "false"
530533
- name: apply-tags
531534
params:
532-
- name: IMAGE
533-
value: $(tasks.build-image-index.results.IMAGE_URL)
534535
- name: IMAGE_URL
535536
value: $(tasks.build-image-index.results.IMAGE_URL)
536537
- name: IMAGE_DIGEST
@@ -542,7 +543,7 @@ spec:
542543
- name: name
543544
value: apply-tags
544545
- name: bundle
545-
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:0c411c27483849a936c0c420a57e477113e9fafc63077647200d6614d9ebb872
546+
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:264fa9591929fb60e3aca033ff168e5d98b1aafb458d6988e327a99ff494b00b
546547
- name: kind
547548
value: task
548549
resolver: bundles
@@ -565,7 +566,7 @@ spec:
565566
- name: name
566567
value: push-dockerfile-oci-ta
567568
- name: bundle
568-
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:d0ee13ab3d9564f7ee806a8ceaced934db493a3a40e11ff6db3a912b8bbace95
569+
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:8640726ef7c5875e3b2e64c9f823921ea970674593f077cadfce3c45c9b9a2b9
569570
- name: kind
570571
value: task
571572
resolver: bundles
@@ -582,7 +583,7 @@ spec:
582583
- name: name
583584
value: rpms-signature-scan
584585
- name: bundle
585-
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:ec7f6de651458e4a5842b145e761b0d86b03b52bec1515d6d8a1b8cf107af95c
586+
value: quay.io/konflux-ci/konflux-vanguard/task-rpms-signature-scan:0.2@sha256:7d1c087d7d33dd97effb3b4c9f3788e4c3138da2032040d69da6929e9a3aaceb
586587
- name: kind
587588
value: task
588589
resolver: bundles

0 commit comments

Comments
 (0)