diff --git a/.konflux/applications/serverless-operator-136/components/net-istio-controller-116.yaml b/.konflux/applications/serverless-operator-136/components/net-istio-controller-116.yaml index 2ed53bc31..28132d5d4 100755 --- a/.konflux/applications/serverless-operator-136/components/net-istio-controller-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/net-istio-controller-116.yaml @@ -3,11 +3,17 @@ kind: Component metadata: annotations: build.appstudio.openshift.io/pipeline: '{"name":"docker-build","bundle":"latest"}' + build.appstudio.openshift.io/request: configure-pac-no-mr name: net-istio-controller-116 spec: componentName: net-istio-controller-116 application: serverless-operator-136 + build-nudges-ref: + + - "serverless-bundle-136" + + source: git: url: https://github.com/openshift-knative/net-istio.git diff --git a/.konflux/applications/serverless-operator-136/components/net-istio-webhook-116.yaml b/.konflux/applications/serverless-operator-136/components/net-istio-webhook-116.yaml index 71757e73f..24f7a2883 100755 --- a/.konflux/applications/serverless-operator-136/components/net-istio-webhook-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/net-istio-webhook-116.yaml @@ -3,11 +3,17 @@ kind: Component metadata: annotations: build.appstudio.openshift.io/pipeline: '{"name":"docker-build","bundle":"latest"}' + build.appstudio.openshift.io/request: configure-pac-no-mr name: net-istio-webhook-116 spec: componentName: net-istio-webhook-116 application: serverless-operator-136 + build-nudges-ref: + + - "serverless-bundle-136" + + source: git: url: https://github.com/openshift-knative/net-istio.git diff --git a/.konflux/applications/serverless-operator-136/tests/ec-test.yaml b/.konflux/applications/serverless-operator-136/tests/ec-test.yaml index 8ef8fdd6e..5b29ed6f4 100755 --- a/.konflux/applications/serverless-operator-136/tests/ec-test.yaml +++ b/.konflux/applications/serverless-operator-136/tests/ec-test.yaml @@ -1,13 +1,13 @@ apiVersion: appstudio.redhat.com/v1beta2 kind: IntegrationTestScenario metadata: - name: serverless-operator-136-enterprise-contract + name: serverless-operator-136-ec spec: params: - name: POLICY_CONFIGURATION - value: rhtap-releng-tenant/tmp-onboard-policy + value: rhtap-releng-tenant/registry-standard-stage - name: TIMEOUT - value: "45m0s" + value: "120m" application: serverless-operator-136 contexts: - description: Application testing diff --git a/.konflux/applications/serverless-operator-136/tests/override-snapshot-ec-test.yaml b/.konflux/applications/serverless-operator-136/tests/override-snapshot-ec-test.yaml new file mode 100755 index 000000000..a1b14a3c4 --- /dev/null +++ b/.konflux/applications/serverless-operator-136/tests/override-snapshot-ec-test.yaml @@ -0,0 +1,23 @@ +apiVersion: appstudio.redhat.com/v1beta2 +kind: IntegrationTestScenario +metadata: + name: serverless-operator-136-ec-override-snapshot +spec: + params: + - name: POLICY_CONFIGURATION + value: rhtap-releng-tenant/registry-standard + - name: TIMEOUT + value: "120m" + application: serverless-operator-136 + contexts: + - description: Override Snapshot testing + name: override + resolverRef: + params: + - name: url + value: 'https://github.com/redhat-appstudio/build-definitions' + - name: revision + value: main + - name: pathInRepo + value: pipelines/enterprise-contract.yaml + resolver: git diff --git a/.tekton/docker-build.yaml b/.tekton/docker-build.yaml index 255c3f560..e469125a2 100755 --- a/.tekton/docker-build.yaml +++ b/.tekton/docker-build.yaml @@ -429,6 +429,56 @@ spec: operator: in values: - "false" + - name: sast-shell-check + params: + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-shell-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:ac6a35e4143a68f841e363da3f21f2123de9f3acf76596f79ecb60c501eed408 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: sast-unicode-check + params: + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-shell-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:ac6a35e4143a68f841e363da3f21f2123de9f3acf76596f79ecb60c501eed408 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" - name: push-dockerfile params: - name: IMAGE diff --git a/.tekton/net-istio-controller-116-pull-request.yaml b/.tekton/net-istio-controller-116-pull-request.yaml index ecc5e5d5c..a398e510f 100755 --- a/.tekton/net-istio-controller-116-pull-request.yaml +++ b/.tekton/net-istio-controller-116-pull-request.yaml @@ -21,11 +21,11 @@ spec: value: openshift/ci-operator/knative-images/controller/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic diff --git a/.tekton/net-istio-controller-116-push.yaml b/.tekton/net-istio-controller-116-push.yaml index 19da77d61..f2ace410e 100755 --- a/.tekton/net-istio-controller-116-push.yaml +++ b/.tekton/net-istio-controller-116-push.yaml @@ -20,11 +20,11 @@ spec: value: openshift/ci-operator/knative-images/controller/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic @@ -35,6 +35,7 @@ spec: value: '{{revision}}' - name: additional-tags value: + - $(context.pipelineRun.uid)-{{revision}} - 1.36.0 - latest pipelineRef: diff --git a/.tekton/net-istio-webhook-116-pull-request.yaml b/.tekton/net-istio-webhook-116-pull-request.yaml index e34e2ef36..1e7af763b 100755 --- a/.tekton/net-istio-webhook-116-pull-request.yaml +++ b/.tekton/net-istio-webhook-116-pull-request.yaml @@ -21,11 +21,11 @@ spec: value: openshift/ci-operator/knative-images/webhook/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic diff --git a/.tekton/net-istio-webhook-116-push.yaml b/.tekton/net-istio-webhook-116-push.yaml index ea441020f..768f6a9c2 100755 --- a/.tekton/net-istio-webhook-116-push.yaml +++ b/.tekton/net-istio-webhook-116-push.yaml @@ -20,11 +20,11 @@ spec: value: openshift/ci-operator/knative-images/webhook/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic @@ -35,6 +35,7 @@ spec: value: '{{revision}}' - name: additional-tags value: + - $(context.pipelineRun.uid)-{{revision}} - 1.36.0 - latest pipelineRef: