@@ -110,6 +110,10 @@ spec:
110110 default : ' true'
111111 description : Use the package registry proxy when prefetching dependencies
112112 type : string
113+ - name : sast-target-dirs
114+ type : string
115+ default : .
116+ description : Target directories to scan with SAST tools. Multiple values should be separated with commas.
113117 results :
114118 - description : " "
115119 name : IMAGE_URL
@@ -133,7 +137,7 @@ spec:
133137 - name : name
134138 value : init
135139 - name : bundle
136- value : quay.io/konflux-ci/tekton-catalog/task-init:0.4@sha256:b797dd453ddad669365de6de4649e3a9e37e77aa26eb9862ca079a36cbfe64a4
140+ value : quay.io/konflux-ci/tekton-catalog/task-init:0.4@sha256:5a423246792ac501ea279229b42ee57da9927da441c04b5c9ff86817b0856b08
137141 - name : kind
138142 value : task
139143 resolver : bundles
@@ -154,7 +158,7 @@ spec:
154158 - name : name
155159 value : git-clone-oci-ta
156160 - name : bundle
157- value : quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:13d49df7dc9ae301627e45f95a236011422996152f1bea46cd60217b0f057407
161+ value : quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:d30f13dd15daf89dd6dc645243b3444d35570d13f7840c3fd65e366022515205
158162 - name : kind
159163 value : task
160164 resolver : bundles
@@ -180,7 +184,7 @@ spec:
180184 - name : name
181185 value : prefetch-dependencies-oci-ta
182186 - name : bundle
183- value : quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.3@sha256:1b209c0d93e52e418f3e6cd4b4fd915a84e4bd7f68e1cfd0d6446133540d7f43
187+ value : quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.3@sha256:3dc78afbf3a441e0280067433cb28ea3d2d0088ec214c73bf063f145b4f273ef
184188 - name : kind
185189 value : task
186190 resolver : bundles
@@ -253,7 +257,7 @@ spec:
253257 - name : name
254258 value : build-image-index
255259 - name : bundle
256- value : quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.3@sha256:550afde50349e22ec11191ea0db9a49395ab46fef4e8317d820b6e946677ebeb
260+ value : quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.3@sha256:b33bfa8dc27dbf459f0779598ba45dcaa490bcc9f8efe1652bcf360ec8cb5582
257261 - name : kind
258262 value : task
259263 resolver : bundles
@@ -296,7 +300,7 @@ spec:
296300 - name : name
297301 value : deprecated-image-check
298302 - name : bundle
299- value : quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:57d1f556982115311f603dd9a728c52a7a1d092f022e1db4560da01eca9e5d17
303+ value : quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:e78d0d3baf3c8cfc1a5ad278196b74032d9568b143a87c7a79ab780fedfb296e
300304 - name : kind
301305 value : task
302306 resolver : bundles
@@ -318,7 +322,7 @@ spec:
318322 - name : name
319323 value : clair-scan
320324 - name : bundle
321- value : quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.3@sha256:cd49cdea7e5403a87c4774bd8ea10bc4e6aeb83841ff490cbe42b782779513a7
325+ value : quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.3@sha256:8fad4c2e2f470f82ee43d6b2ac72327b4d9c6e9cb514a678911c1c9359c29894
322326 - name : kind
323327 value : task
324328 resolver : bundles
@@ -338,7 +342,7 @@ spec:
338342 - name : name
339343 value : ecosystem-cert-preflight-checks
340344 - name : bundle
341- value : quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:25dcef1d9270b2e03fe6710a733171f7c7208e341fc627dac3a579088f44af34
345+ value : quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:9c300728a03f41beee9a689422d66513d32ab5f804664fe561b11cebacd07799
342346 - name : kind
343347 value : task
344348 resolver : bundles
@@ -357,6 +361,8 @@ spec:
357361 value : $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
358362 - name : CACHI2_ARTIFACT
359363 value : $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
364+ - name : TARGET_DIRS
365+ value : $(params.sast-target-dirs)
360366 runAfter :
361367 - build-image-index
362368 taskRef :
@@ -424,6 +430,8 @@ spec:
424430 value : $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
425431 - name : CACHI2_ARTIFACT
426432 value : $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
433+ - name : TARGET_DIRS
434+ value : $(params.sast-target-dirs)
427435 runAfter :
428436 - coverity-availability-check
429437 taskRef :
@@ -471,6 +479,8 @@ spec:
471479 value : $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
472480 - name : CACHI2_ARTIFACT
473481 value : $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
482+ - name : TARGET_DIRS
483+ value : $(params.sast-target-dirs)
474484 runAfter :
475485 - build-image-index
476486 taskRef :
@@ -497,6 +507,8 @@ spec:
497507 value : $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
498508 - name : CACHI2_ARTIFACT
499509 value : $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
510+ - name : TARGET_DIRS
511+ value : $(params.sast-target-dirs)
500512 runAfter :
501513 - build-image-index
502514 taskRef :
@@ -566,7 +578,7 @@ spec:
566578 - name : name
567579 value : rpms-signature-scan
568580 - name : bundle
569- value : quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:1d807f6be3be2bd8bff76321e9599bbafce8196dcd9597eeffd9df65466682af
581+ value : quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:41720da9dfe26f33b0bdc46bbf8667a27dae4790d8e5c5f4412224658de7b213
570582 - name : kind
571583 value : task
572584 resolver : bundles
0 commit comments