@@ -7,9 +7,8 @@ metadata:
77 build.appstudio.redhat.com/pull_request_number : ' {{pull_request_number}}'
88 build.appstudio.redhat.com/target_branch : ' {{target_branch}}'
99 pipelinesascode.tekton.dev/max-keep-runs : " 3"
10- pipelinesascode.tekton.dev/on-cel-expression : event == "pull_request" && target_branch
11- == "main"
12- creationTimestamp : null
10+ pipelinesascode.tekton.dev/on-cel-expression : event == "pull_request" && target_branch == "main"
11+ creationTimestamp :
1312 labels :
1413 appstudio.openshift.io/application : openshift-gitops-operator
1514 appstudio.openshift.io/component : gitops-must-gather
4948 - name : name
5049 value : show-sbom
5150 - name : bundle
52- value : quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:04f15cbce548e1db7770eee3f155ccb2cc0140a6c371dc67e9a34d83673ea0c0
51+ value : quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:a7346ed61237db4f82ff782e0c9e8b30536e0e67b907ad600341a6d192e80012
5352 - name : kind
5453 value : task
5554 resolver : bundles
@@ -65,13 +64,11 @@ spec:
6564 name : output-image
6665 type : string
6766 - default : .
68- description : Path to the source code of an application's component from where
69- to build image.
67+ description : Path to the source code of an application's component from where to build image.
7068 name : path-context
7169 type : string
7270 - default : Dockerfile
73- description : Path to the Dockerfile inside the context specified by parameter
74- path-context
71+ description : Path to the Dockerfile inside the context specified by parameter path-context
7572 name : dockerfile
7673 type : string
7774 - default : " false"
9188 name : prefetch-input
9289 type : string
9390 - default : " "
94- description : Image tag expiration time, time values could be something like
95- 1h, 2d, 3w for hours, days, and weeks, respectively.
91+ description : Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
9692 name : image-expires-after
9793 - default : " false"
9894 description : Build a source image.
@@ -112,10 +108,17 @@ spec:
112108 type : string
113109 - default :
114110 - linux/x86_64
115- description : List of platforms to build the container images on. The available
116- set of values is determined by the configuration of the multi-platform-controller.
111+ description : List of platforms to build the container images on. The available set of values is determined by the configuration of the multi-platform-controller.
117112 name : build-platforms
118113 type : array
114+ - name : sast-target-dirs
115+ type : string
116+ default : .
117+ description : Target directories to scan with SAST tools. Multiple values should be separated with commas.
118+ - name : enable-package-registry-proxy
119+ default : ' true'
120+ description : Use the package registry proxy when prefetching dependencies
121+ type : string
119122 results :
120123 - description : " "
121124 name : IMAGE_URL
@@ -143,7 +146,7 @@ spec:
143146 - name : name
144147 value : init
145148 - name : bundle
146- value : quay.io/konflux-ci/tekton-catalog/task-init:0.2 @sha256:737682d073a65a486d59b2b30e3104b93edd8490e0cd5e9b4a39703e47363f0f
149+ value : quay.io/konflux-ci/tekton-catalog/task-init:0.4 @sha256:5a423246792ac501ea279229b42ee57da9927da441c04b5c9ff86817b0856b08
147150 - name : kind
148151 value : task
149152 resolver : bundles
@@ -164,7 +167,7 @@ spec:
164167 - name : name
165168 value : git-clone-oci-ta
166169 - name : bundle
167- value : quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:9709088bf3c581d4763e9804d9ee3a1f06ad6a61c23237277057c4f0cdc4f9c3
170+ value : quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:d30f13dd15daf89dd6dc645243b3444d35570d13f7840c3fd65e366022515205
168171 - name : kind
169172 value : task
170173 resolver : bundles
@@ -186,14 +189,16 @@ spec:
186189 value : $(params.output-image).prefetch
187190 - name : ociArtifactExpiresAfter
188191 value : $(params.image-expires-after)
192+ - name : enable-package-registry-proxy
193+ value : $(params.enable-package-registry-proxy)
189194 runAfter :
190195 - clone-repository
191196 taskRef :
192197 params :
193198 - name : name
194199 value : prefetch-dependencies-oci-ta
195200 - name : bundle
196- value : quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2 @sha256:efc8aebec295bf5986597b6bbeebe093b2764fea79c66094e05ff3d283f54932
201+ value : quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.3 @sha256:3dc78afbf3a441e0280067433cb28ea3d2d0088ec214c73bf063f145b4f273ef
197202 - name : kind
198203 value : task
199204 resolver : bundles
@@ -245,7 +250,7 @@ spec:
245250 - name : name
246251 value : buildah-remote-oci-ta
247252 - name : bundle
248- value : quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4 @sha256:468708e0a5dc3a314d71ca0cf2db80c6d7fefae98b292b10fa1cf07ea3787d9e
253+ value : quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.9 @sha256:77007259cc87f32d63d2c201226aadaab98313cfd4e02b46abc243c4d2cc27bd
249254 - name : kind
250255 value : task
251256 resolver : bundles
@@ -258,10 +263,6 @@ spec:
258263 params :
259264 - name : IMAGE
260265 value : $(params.output-image)
261- - name : COMMIT_SHA
262- value : $(tasks.clone-repository.results.commit)
263- - name : IMAGE_EXPIRES_AFTER
264- value : $(params.image-expires-after)
265266 - name : ALWAYS_BUILD_INDEX
266267 value : $(params.build-image-index)
267268 - name : IMAGES
@@ -274,7 +275,7 @@ spec:
274275 - name : name
275276 value : build-image-index
276277 - name : bundle
277- value : quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1 @sha256:95be274b6d0432d4671e2c41294ec345121bdf01284b1c6c46b5537dc6b37e15
278+ value : quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.3 @sha256:b33bfa8dc27dbf459f0779598ba45dcaa490bcc9f8efe1652bcf360ec8cb5582
278279 - name : kind
279280 value : task
280281 resolver : bundles
@@ -286,19 +287,21 @@ spec:
286287 - name : build-source-image
287288 params :
288289 - name : BINARY_IMAGE
289- value : $(params.output -image)
290+ value : $(tasks.build -image-index.results.IMAGE_URL )
290291 - name : SOURCE_ARTIFACT
291292 value : $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
292293 - name : CACHI2_ARTIFACT
293294 value : $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
295+ - name : BINARY_IMAGE_DIGEST
296+ value : $(tasks.build-image-index.results.IMAGE_DIGEST)
294297 runAfter :
295298 - build-image-index
296299 taskRef :
297300 params :
298301 - name : name
299302 value : source-build-oci-ta
300303 - name : bundle
301- value : quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2 @sha256:9fe82c9511f282287686f918bf1a543fcef417848e7a503357e988aab2887cee
304+ value : quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3 @sha256:8567bb7bf8fa9147c96b297533336fa7079ecf972cb86c09ccdd6bddedb25711
302305 - name : kind
303306 value : task
304307 resolver : bundles
@@ -324,7 +327,7 @@ spec:
324327 - name : name
325328 value : deprecated-image-check
326329 - name : bundle
327- value : quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:5d63b920b71192906fe4d6c4903f594e6f34c5edcff9d21714a08b5edcfbc667
330+ value : quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:e78d0d3baf3c8cfc1a5ad278196b74032d9568b143a87c7a79ab780fedfb296e
328331 - name : kind
329332 value : task
330333 resolver : bundles
@@ -346,7 +349,7 @@ spec:
346349 - name : name
347350 value : clair-scan
348351 - name : bundle
349- value : quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2 @sha256:712afcf63f3b5a97c371d37e637efbcc9e1c7ad158872339d00adc6413cd8851
352+ value : quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.3 @sha256:8fad4c2e2f470f82ee43d6b2ac72327b4d9c6e9cb514a678911c1c9359c29894
350353 - name : kind
351354 value : task
352355 resolver : bundles
@@ -366,7 +369,7 @@ spec:
366369 - name : name
367370 value : ecosystem-cert-preflight-checks
368371 - name : bundle
369- value : quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:00b13d06d17328e105b11619ee4db98b215ca6ac02314a4776aa5fc2a974f9c1
372+ value : quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:88f4fd6d7812a3c46f120f3035974f5fb8cb06b5e3e927badf6e8370f1516a88
370373 - name : kind
371374 value : task
372375 resolver : bundles
@@ -375,6 +378,11 @@ spec:
375378 operator : in
376379 values :
377380 - " false"
381+ matrix :
382+ params :
383+ - name : platform
384+ value :
385+ - $(params.build-platforms)
378386 - name : sast-snyk-check
379387 params :
380388 - name : image-digest
@@ -385,14 +393,16 @@ spec:
385393 value : $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
386394 - name : CACHI2_ARTIFACT
387395 value : $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
396+ - name : TARGET_DIRS
397+ value : $(params.sast-target-dirs)
388398 runAfter :
389399 - build-image-index
390400 taskRef :
391401 params :
392402 - name : name
393403 value : sast-snyk-check-oci-ta
394404 - name : bundle
395- value : quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.3 @sha256:a1cb59ed66a7be1949c9720660efb0a006e95ef05b3f67929dd8e310e1d7baef
405+ value : quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4 @sha256:0ebf28a0abd5a167438d4628938a74ade6f00a44a4b7ed1cfa9cfc57a5b24748
396406 - name : kind
397407 value : task
398408 resolver : bundles
@@ -414,7 +424,7 @@ spec:
414424 - name : name
415425 value : clamav-scan
416426 - name : bundle
417- value : quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2 @sha256:62c835adae22e36fce6684460b39206bc16752f1a4427cdbba4ee9afdd279670
427+ value : quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.3 @sha256:567cb66bd2e1f4b58b9d4d756f3317fc62479e0b40aa0de66094b1f12d296cfc
418428 - name : kind
419429 value : task
420430 resolver : bundles
@@ -434,7 +444,7 @@ spec:
434444 - name : name
435445 value : apply-tags
436446 - name : bundle
437- value : quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.1 @sha256:61c90b1c94a2a11cb11211a0d65884089b758c34254fcec164d185a402beae22
447+ value : quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3 @sha256:a291081de7fb27f832c6fc3c4b078acf7e6162ca4c085db38b118ca87e8b5b66
438448 - name : kind
439449 value : task
440450 resolver : bundles
@@ -457,7 +467,7 @@ spec:
457467 - name : name
458468 value : push-dockerfile-oci-ta
459469 - name : bundle
460- value : quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1 @sha256:55a4ff2910ae2e4502f3841719935d37578bd52156bc789fcdf45ff48c2b048b
470+ value : quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.3 @sha256:7855471abfe87de080b914f2f3ca27c59e64f6448a7c2435e51435b764494c71
461471 - name : kind
462472 value : task
463473 resolver : bundles
@@ -474,7 +484,7 @@ spec:
474484 - name : name
475485 value : rpms-signature-scan
476486 - name : bundle
477- value : quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:c0798ff85ad04f1553d349fe34aa4918597fb35b3b74e344dfbd5af2f3494300
487+ value : quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:237c54b069d16c3785d1302f19be309aa6c0ae2313d446e30cb74671e07ca676
478488 - name : kind
479489 value : task
480490 resolver : bundles
0 commit comments