Skip to content

Add disk-image pipeline to required tasks#224

Open
Victoremepunto wants to merge 1 commit into
release-engineering:mainfrom
Victoremepunto:disk-image-required-tasks
Open

Add disk-image pipeline to required tasks#224
Victoremepunto wants to merge 1 commit into
release-engineering:mainfrom
Victoremepunto:disk-image-required-tasks

Conversation

@Victoremepunto

Copy link
Copy Markdown

Summary

  • Adds a disk-image entry to pipeline-required-tasks for the disk-image build pipeline used by RHEL AI bootc disk image builds
  • The disk-image pipeline uses build-vm-image instead of buildah and does not include container-specific scanning tasks (clair-scan, clamav-scan, rpms-signature-scan, deprecated-image-check)
  • Without this entry, conforma falls back to docker/generic required task lists which mandate buildah and deprecated-image-check, forcing teams to maintain permanent ECP exceptions

Tasks included

init, git-clone-oci-ta, prefetch-dependencies-oci-ta, build-vm-image, build-image-index, sast-shell-check-oci-ta, sast-snyk-check-oci-ta, sast-unicode-check-oci-ta

Test plan

  • Verify build-vm-image task has label build_type: disk-image matching this entry
  • Run conforma validation against a disk-image build with this data to confirm buildah exceptions are no longer needed

Signed-off-by: Víctor M. Múgica vmugicag@redhat.com

🤖 Generated with Claude Code

The disk-image pipeline (used by RHEL AI bootc disk image builds) uses
build-vm-image instead of buildah and does not include container-specific
scanning tasks. Without a dedicated entry, conforma falls back to the
docker/generic required task lists which mandate buildah and
deprecated-image-check, forcing teams to maintain permanent ECP exceptions.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Víctor M. Múgica <vmugicag@redhat.com>
@Victoremepunto

Copy link
Copy Markdown
Author

unsure if this is needed after all, can you give me some feedback here please @ralphbean ? the intention was to "declare" which are the expected tasks for a disk-image pipeline - I'm not sure this is the right way to do it , ultimately I want to avoid needing exceptions in ECPs

@rhartman93

Copy link
Copy Markdown
Contributor

@Victoremepunto to be clear these are tasks that should be "required"? or are you trying to make tasks trusted?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants