From 77b3468978c453eb8cb32c3dee9661f6335d4ff2 Mon Sep 17 00:00:00 2001
From: ccronca <ccota@redhat.com>
Date: Fri, 16 Aug 2024 11:34:20 +0200
Subject: [PATCH 1/2] fix(KONFLUX-3663): format Tekton PipelineRun files

Format PipelineRun files with yq for consistent indentation and format

Signed-off-by: ccronca <ccota@redhat.com>
---
 .../hypershift-addon-operator-backplane-24-pull-request.yaml   | 3 +--
 .tekton/hypershift-addon-operator-backplane-24-push.yaml       | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml b/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml
index 025e1e80..df2561ea 100644
--- a/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml
+++ b/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml
@@ -100,8 +100,7 @@ spec:
       name: snyk-secret
       type: string
     - default: ""
-      description: Image tag expiration time, time values could be something like
-        1h, 2d, 3w for hours, days, and weeks, respectively.
+      description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
       name: image-expires-after
     results:
     - description: ""
diff --git a/.tekton/hypershift-addon-operator-backplane-24-push.yaml b/.tekton/hypershift-addon-operator-backplane-24-push.yaml
index 66bbe4fa..8c12ca36 100644
--- a/.tekton/hypershift-addon-operator-backplane-24-push.yaml
+++ b/.tekton/hypershift-addon-operator-backplane-24-push.yaml
@@ -97,8 +97,7 @@ spec:
       name: snyk-secret
       type: string
     - default: ""
-      description: Image tag expiration time, time values could be something like
-        1h, 2d, 3w for hours, days, and weeks, respectively.
+      description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
       name: image-expires-after
     results:
     - description: ""

From 407c5d3427729126be0e0fff8aa46c311815c8f6 Mon Sep 17 00:00:00 2001
From: ccronca <ccota@redhat.com>
Date: Fri, 16 Aug 2024 11:34:20 +0200
Subject: [PATCH 2/2] fix(KONFLUX-3663): upload SAST results to quay.io

Configure the SAST task to upload SARIF results to quay.io for
long-term storage

Signed-off-by: ccronca <ccota@redhat.com>
---
 ...hypershift-addon-operator-backplane-24-pull-request.yaml | 6 +++++-
 .tekton/hypershift-addon-operator-backplane-24-push.yaml    | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml b/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml
index df2561ea..f1fc9138 100644
--- a/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml
+++ b/.tekton/hypershift-addon-operator-backplane-24-pull-request.yaml
@@ -289,8 +289,12 @@ spec:
       params:
       - name: SNYK_SECRET
         value: $(params.snyk-secret)
+      - name: image-digest
+        value: $(tasks.build-container.results.IMAGE_DIGEST)
+      - name: image-url
+        value: $(tasks.build-container.results.IMAGE_URL)
       runAfter:
-      - clone-repository
+      - build-container
       taskRef:
         bundle: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:ce73b27a7a345a99ff88a730388d938243678af42704da8db69387bdf547b8ad
         name: sast-snyk-check
diff --git a/.tekton/hypershift-addon-operator-backplane-24-push.yaml b/.tekton/hypershift-addon-operator-backplane-24-push.yaml
index 8c12ca36..3a2ae497 100644
--- a/.tekton/hypershift-addon-operator-backplane-24-push.yaml
+++ b/.tekton/hypershift-addon-operator-backplane-24-push.yaml
@@ -286,8 +286,12 @@ spec:
       params:
       - name: SNYK_SECRET
         value: $(params.snyk-secret)
+      - name: image-digest
+        value: $(tasks.build-container.results.IMAGE_DIGEST)
+      - name: image-url
+        value: $(tasks.build-container.results.IMAGE_URL)
       runAfter:
-      - clone-repository
+      - build-container
       taskRef:
         bundle: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:ce73b27a7a345a99ff88a730388d938243678af42704da8db69387bdf547b8ad
         name: sast-snyk-check