Merged
7 changes: 6 additions & 1 deletion .tekton/build-pipeline.yaml
Expand Up @@ -105,6 +105,10 @@ spec:
default: docker
type: string
description: The format for the resulting image's mediaType. Valid values are oci or docker.
- default: []
description: Additional labels to apply to the built container image
name: additional-labels
type: array
results:
- description: ""
name: IMAGE_URL
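Review bot: The description on the new additional-labels parameter does not say what form each array item takes or how the items relate to the labels the pipeline already sets. The values are expanded into the LABELS list next to entries such as release=4.20, so the description should state that each item is a key=value string, for example "Additional labels to apply to the built container image, each given as key=value".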
Expand Down Expand Up @@ -250,12 +254,13 @@ spec:
- name: LABELS
value:
- $(tasks.generate-labels.results.labels[*])
- $(params.additional-labels[*])
- com.redhat.component=recert
- description=recert
- distribution-scope=public
- io.k8s.description=recert
- name=openshift4/recert-rhel9
- release=4.20
- cpe="cpe:/a:redhat:openshift:4.20::el9"
- url=https://github.com/rh-ecosystem-edge/recert
Comment on lines +257 to 264
⚠️ Potential issue | 🟠 Major

Remove the quotes from the CPE label value.
Passing cpe="cpe:/a:redhat:openshift:4.20::el9" pushes the literal quotes through to buildah config --label, so the resulting image label becomes "cpe:/a:redhat:openshift:4.20::el9" instead of the bare CPE string Clair expects. Drop the inner quotes so the value is cpe:/a:redhat:openshift:4.20::el9.

🤖 Prompt for AI Agents
In .tekton/build-pipeline.yaml around lines 257 to 264 the CPE label is written
as cpe="cpe:/a:redhat:openshift:4.20::el9" which preserves literal quotes into
buildah config; remove the inner quotes so the label is
cpe:/a:redhat:openshift:4.20::el9 (i.e. change that list entry to the unquoted
CPE string) so the image label contains the bare CPE value Clair expects.

- vendor=Red Hat, Inc.
- io.k8s.display-name=recert
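Review bot: In the LABELS value, $(params.additional-labels[*]) is expanded ahead of the fixed entries, so a caller-supplied key that also appears in the fixed list (release, cpe, vendor and so on) ends up set twice, and the result depends on how the build task resolves duplicate labels. Decide which side should win and order the list accordingly, or say in the parameter description that the fixed labels cannot be overridden. The same applies to name=openshift4/recert-rhel9, which both PipelineRun files now pass through additional-labels: make sure it is not also left in this fixed list.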
3 changes: 3 additions & 0 deletions .tekton/recert-4-20-pull-request.yaml
Expand Up @@ -70,6 +70,9 @@ spec:
value: "true"
- name: additional-tags
value: []
- name: additional-labels
value:
- name=openshift4/recert-rhel9
pipelineRef:
name: build-pipeline
taskRunTemplate:
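Review bot: The additional-labels value added here, name=openshift4/recert-rhel9, is identical to the one added in .tekton/recert-4-20-push.yaml, so the same literal now has to be kept in sync across two PipelineRun files. If the label is meant to be the same for every build, keeping it in build-pipeline.yaml (as a fixed LABELS entry or as the parameter's default) would avoid the duplication; if it is expected to differ per run, a short comment here saying so would help.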
3 changes: 3 additions & 0 deletions .tekton/recert-4-20-push.yaml
Expand Up @@ -68,6 +68,9 @@ spec:
value: "true"
- name: additional-tags
value: ["latest"]
- name: additional-labels
value:
- name=openshift4/recert-rhel9
pipelineRef:
name: build-pipeline
taskRunTemplate:
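Review bot: Style point on the new additional-labels entry: it is written as a block sequence, while additional-tags directly above it uses the flow form ["latest"]. Using one form for both array parameters, for example value: ["name=openshift4/recert-rhel9"], keeps the params list consistent.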