Skip to content

chore(deps): update konflux references #482

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dirgim merged 3 commits into from
Jul 15, 2025
Merged

chore(deps): update konflux references #482

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e721f79
chore(deps): update konflux references
red-hat-konflux[bot] Jul 12, 2025
72374d3
chore: add required params to sast-synk-check
dirgim Jul 14, 2025
5f75e03
chore: add sast-unicode-check and sast-shell-check tasks
dirgim Jul 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 76 additions & 26 deletions .tekton/application-service-pull-request.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,8 @@ metadata:
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch
== "main"
creationTimestamp: null
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "main"
creationTimestamp:
labels:
appstudio.openshift.io/application: application-service
appstudio.openshift.io/component: application-service
Expand Down Expand Up @@ -43,7 +42,7 @@ spec:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:52f8b96b96ce4203d4b74d850a85f963125bf8eef0683ea5acdd80818d335a28
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:1b1df4da95966d08ac6a5b8198710e09e68b5c2cdc707c37d9d19769e65884b2
- name: kind
value: task
resolver: bundles
Expand All @@ -62,7 +61,7 @@ spec:
- name: name
value: summary
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-summary:0.2@sha256:d97c04ab42f277b1103eb6f3a053b247849f4f5b3237ea302a8ecada3b24e15b
value: quay.io/konflux-ci/tekton-catalog/task-summary:0.2@sha256:3f6e8513cbd70f0416eb6c6f2766973a754778526125ff33d8e3633def917091
- name: kind
value: task
resolver: bundles
Expand All @@ -78,13 +77,11 @@ spec:
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where
to build image.
description: Path to the source code of an application's component from where to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter
path-context
description: Path to the Dockerfile inside the context specified by parameter path-context
name: dockerfile
type: string
- default: "false"
Expand All @@ -108,8 +105,7 @@ spec:
name: java
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
Expand All @@ -128,9 +124,6 @@ spec:
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
- description: ""
name: JAVA_COMMUNITY_DEPENDENCIES
value: $(tasks.build-container.results.JAVA_COMMUNITY_DEPENDENCIES)
tasks:
- name: init
params:
Expand All @@ -145,7 +138,7 @@ spec:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:f239f38bba3a8351c8cb0980fde8e2ee477ded7200178b0f45175e4006ff1dca
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:66e90d31e1386bf516fb548cd3e3f0082b5d0234b8b90dbf9e0d4684b70dbe1a
- name: kind
value: task
resolver: bundles
Expand All @@ -162,7 +155,7 @@ spec:
- name: name
value: git-clone
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone:0.1@sha256:2cccdf8729ad4d5adf65e8b66464f8efa1e1c87ba16d343b4a6c621a2a40f7e1
value: quay.io/konflux-ci/tekton-catalog/task-git-clone:0.1@sha256:7939000e2f92fc8b5d2c4ee4ba9000433c5aa7700d2915a1d4763853d5fd1fd4
- name: kind
value: task
resolver: bundles
Expand All @@ -187,7 +180,7 @@ spec:
- name: name
value: prefetch-dependencies
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:f53fe5482599b39ae2d1004cf09a2026fd9dd3822ab6ef46b51b4a398b0a3232
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.2@sha256:afaf24519f78c76bd6e3c00c24ecb8918a623210fb7c6ee9aaf5fbaeba1f6c7b
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -222,7 +215,7 @@ spec:
- name: name
value: buildah
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah:0.2@sha256:11b7f08ddaa281fcf40494a2a2f79e0aebcaa3e7da93790fecad4d46983648d2
value: quay.io/konflux-ci/tekton-catalog/task-buildah:0.4@sha256:fc7437e1fc19d7a2b468e529f7fbc372ca139f194ec5d8ea28fe48b0817ec6c0
- name: kind
value: task
resolver: bundles
Expand All @@ -237,15 +230,17 @@ spec:
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(params.output-image)
value: $(tasks.build-container.results.IMAGE_URL)
- name: BINARY_IMAGE_DIGEST
value: $(tasks.build-container.results.IMAGE_DIGEST)
runAfter:
- build-container
taskRef:
params:
- name: name
value: source-build
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build:0.1@sha256:53a41b0838b61cbacc7ecd4ffd87cf3f41b28a4aa9e095fe95779982c688dc85
value: quay.io/konflux-ci/tekton-catalog/task-source-build:0.3@sha256:1fdda7563f21340d6243c8738934a58adffd8253706b423d1c4ec5e26ba5fae0
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -274,7 +269,7 @@ spec:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:443ffa897ee35e416a0bfd39721c68cbf88cfa5c74c843c5183218d0cd586e82
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:3c8b81fa868e27c6266e7660a4bfb4c822846dcf4304606e71e20893b0d3e515
- name: kind
value: task
resolver: bundles
Expand All @@ -296,7 +291,7 @@ spec:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:90e371fe7ec2288259a906bc1fd49c53b8b97a0b0b02da0893fb65e3be2a5801
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:d354939892f3a904223ec080cc3771bd11931085a5d202323ea491ee8e8c5e43
- name: kind
value: task
resolver: bundles
Expand All @@ -306,14 +301,19 @@ spec:
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-container.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-container.results.IMAGE_URL)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: sast-snyk-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check:0.2@sha256:eb7c643130f226c345b3602dca280e6f8cd6f90f948503918d5a2677bf0610f7
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check:0.4@sha256:da2344f6dae50fc14892d818aee128f9d5df32d0d98dddb504e721408a9fb13d
- name: kind
value: task
resolver: bundles
Expand All @@ -338,7 +338,7 @@ spec:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.1@sha256:21c7d037df3b430fc5c21b932e2062d0b82b046f39a2dc965aba7dff7a9cfc57
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:9cab95ac9e833d77a63c079893258b73b8d5a298d93aaf9bdd6722471bc2f338
- name: kind
value: task
resolver: bundles
Expand All @@ -347,6 +347,56 @@ spec:
operator: in
values:
- "false"
- name: sast-shell-check
workspaces:
- name: workspace
workspace: workspace
params:
- name: image-digest
value: $(tasks.build-container.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-container.results.IMAGE_URL)
runAfter:
- build-container
taskRef:
params:
- name: name
value: sast-shell-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check:0.1@sha256:8587b9276b11182454b0786c536668d63780552d27ad297a9e8bd04a2af6378e
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
workspaces:
- name: workspace
workspace: workspace
params:
- name: image-url
value: $(tasks.build-container.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-container.results.IMAGE_DIGEST)
runAfter:
- build-container
taskRef:
params:
- name: name
value: sast-unicode-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check:0.3@sha256:bec18fa5e82e801c3f267f29bf94535a5024e72476f2b27cca7271d506abb5ad
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: rpms-signature-scan
params:
- name: image-url
Expand All @@ -360,7 +410,7 @@ spec:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:0c9667fba291af05997397a32e5e938ccaa46e93a2e14bad228e64a6427c5545
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120
- name: kind
value: task
resolver: bundles
Expand All @@ -378,7 +428,7 @@ spec:
- name: workspace
volumeClaimTemplate:
metadata:
creationTimestamp: null
creationTimestamp:
spec:
accessModes:
- ReadWriteOnce
Expand Down
Loading
Loading