diff --git a/.tekton/governance-policy-propagator-fm3n-pull-request.yaml b/.tekton/governance-policy-propagator-fm3n-pull-request.yaml index 67b5cb30..d542e917 100644 --- a/.tekton/governance-policy-propagator-fm3n-pull-request.yaml +++ b/.tekton/governance-policy-propagator-fm3n-pull-request.yaml @@ -37,7 +37,7 @@ spec: - name: IMAGE_URL value: $(tasks.build-container.results.IMAGE_URL) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-show-sbom:0.1@sha256:4b8a47b3cd3f80d0a9ec46ec43fd2ebe0487979f351a8eeebe5aa04854d3861c + bundle: quay.io/redhat-appstudio-tekton-catalog/task-show-sbom:0.1@sha256:202d3c3385120ea847d8f0a82bd8d9d5e873d67f981d6f8a51fb1706caaf6bef name: show-sbom - name: show-summary params: @@ -50,7 +50,7 @@ spec: - name: build-task-status value: $(tasks.build-container.status) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-summary:0.1@sha256:08fde7abf2e24f31d68119d613fb208a25c71263cef440f02c8cb3a43d91813d + bundle: quay.io/redhat-appstudio-tekton-catalog/task-summary:0.1@sha256:f65a69aaf71cbab382eff685eee522ad35068a4d91d233e76cef7d42ff15a686 name: summary params: - description: Source Repository URL @@ -128,7 +128,7 @@ spec: - name: pipelinerun-uid value: $(context.pipelineRun.uid) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-init:0.1@sha256:159b85246559defbabbd55a42da0b7f618a4307d13bd4d6eb486efb81d1dcfb5 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-init:0.1@sha256:c35cc37d6f40fef0f2ed614b502b058e13fe7af29c0888bc4799fd625b6f3374 name: init - name: clone-repository params: @@ -139,7 +139,7 @@ spec: runAfter: - init taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:913cdc904919482689e79829daeaa3b4d4cc116aafefd135d5af1fc2f8f1afcd + bundle: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:b8fddc2d36313a5cde93aba2491205f4a84e6853af6c34ede681f8339b147478 name: git-clone when: - input: $(tasks.init.results.build) @@ -158,7 +158,7 @@ spec: runAfter: - clone-repository taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-prefetch-dependencies:0.1@sha256:563b91f72adf9b3b93f990f7c1d140f79749af837135aa07212347cb9ed79a34 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-prefetch-dependencies:0.1@sha256:9630dd7d50002fdffb4a406fb0c538703ef98bf2f4318249ac3a2c229938dbea name: prefetch-dependencies when: - input: $(params.hermetic) @@ -187,7 +187,7 @@ spec: runAfter: - prefetch-dependencies taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-buildah:0.1@sha256:8607f9b9d7696e156f186f3fc379ab2e4472c865431ef423e19a26f8707a2961 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-buildah:0.1@sha256:9e7be6d3f2cde33fabfda9d454757530ce7f73e2414c00da1a3ebabf95fc52c5 name: buildah when: - input: $(tasks.init.results.build) @@ -208,7 +208,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-inspect-image:0.1@sha256:9873371b41de7f8bcda4dfbbbd4c8fe2af95c1236cdf61d8b4617f445e460aad + bundle: quay.io/redhat-appstudio-tekton-catalog/task-inspect-image:0.1@sha256:ff8a4844ac36a8cbeecf02874e73952f314089cf497037ed762fa01dde397225 name: inspect-image when: - input: $(params.skip-checks) @@ -254,7 +254,7 @@ spec: - name: BASE_IMAGES_DIGESTS value: $(tasks.build-container.results.BASE_IMAGES_DIGESTS) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-deprecated-image-check:0.3@sha256:88b6fd5ffc29d67cd39a30634b70bf874f1894f9a7791dfc0d95980498c01d26 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-deprecated-image-check:0.3@sha256:61f9b273432c6d087393de6ab972a2f7af1c385a1cc36447b215dabf5d9ba0de name: deprecated-image-check when: - input: $(params.skip-checks) @@ -272,7 +272,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-clair-scan:0.1@sha256:ec6156c4a4a0777eb59a0355b9ad8257c1d39dc28b8eb8dea1446b3f682a77a8 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-clair-scan:0.1@sha256:fe27ccc0603b63b313329b76aa888523dabf7368fc25e976fcccc4d52bb3a5e3 name: clair-scan when: - input: $(params.skip-checks) @@ -286,7 +286,7 @@ spec: runAfter: - clone-repository taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:cdb08029043d69502fe119c21aa4da3d1fdf1b16f3783f5e9dac1874e5c168e0 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:339903f4a95b45b3f2dd4e6941b84679eaa70683bde83f46b0d835680c7aae8b name: sast-snyk-check when: - input: $(params.skip-checks) @@ -311,7 +311,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-clamav-scan:0.1@sha256:d4f0bffa30afd8d8f35c73761620fc9bd3830e5fbe3236cf16b3d76575f7afca + bundle: quay.io/redhat-appstudio-tekton-catalog/task-clamav-scan:0.1@sha256:de8c855a71d5bb6b838246f5c5a1a420747379b9cca047ce79b89c9b53812267 name: clamav-scan when: - input: $(params.skip-checks) @@ -327,7 +327,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-sbom-json-check:0.1@sha256:4a43362f0050de37e7dc23ab46faee9536e7946cf7b7b1e15727ac8c82f2e3bc + bundle: quay.io/redhat-appstudio-tekton-catalog/task-sbom-json-check:0.1@sha256:563150a37f3802ab481be73b562f02f5a26ac3a11f116f247096620fe7a1ca48 name: sbom-json-check when: - input: $(params.skip-checks) diff --git a/.tekton/governance-policy-propagator-fm3n-push.yaml b/.tekton/governance-policy-propagator-fm3n-push.yaml index cc37bac2..5f2239d3 100644 --- a/.tekton/governance-policy-propagator-fm3n-push.yaml +++ b/.tekton/governance-policy-propagator-fm3n-push.yaml @@ -34,7 +34,7 @@ spec: - name: IMAGE_URL value: $(tasks.build-container.results.IMAGE_URL) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-show-sbom:0.1@sha256:4b8a47b3cd3f80d0a9ec46ec43fd2ebe0487979f351a8eeebe5aa04854d3861c + bundle: quay.io/redhat-appstudio-tekton-catalog/task-show-sbom:0.1@sha256:202d3c3385120ea847d8f0a82bd8d9d5e873d67f981d6f8a51fb1706caaf6bef name: show-sbom - name: show-summary params: @@ -47,7 +47,7 @@ spec: - name: build-task-status value: $(tasks.build-container.status) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-summary:0.1@sha256:08fde7abf2e24f31d68119d613fb208a25c71263cef440f02c8cb3a43d91813d + bundle: quay.io/redhat-appstudio-tekton-catalog/task-summary:0.1@sha256:f65a69aaf71cbab382eff685eee522ad35068a4d91d233e76cef7d42ff15a686 name: summary params: - description: Source Repository URL @@ -125,7 +125,7 @@ spec: - name: pipelinerun-uid value: $(context.pipelineRun.uid) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-init:0.1@sha256:159b85246559defbabbd55a42da0b7f618a4307d13bd4d6eb486efb81d1dcfb5 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-init:0.1@sha256:c35cc37d6f40fef0f2ed614b502b058e13fe7af29c0888bc4799fd625b6f3374 name: init - name: clone-repository params: @@ -136,7 +136,7 @@ spec: runAfter: - init taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:913cdc904919482689e79829daeaa3b4d4cc116aafefd135d5af1fc2f8f1afcd + bundle: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:b8fddc2d36313a5cde93aba2491205f4a84e6853af6c34ede681f8339b147478 name: git-clone when: - input: $(tasks.init.results.build) @@ -155,7 +155,7 @@ spec: runAfter: - clone-repository taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-prefetch-dependencies:0.1@sha256:563b91f72adf9b3b93f990f7c1d140f79749af837135aa07212347cb9ed79a34 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-prefetch-dependencies:0.1@sha256:9630dd7d50002fdffb4a406fb0c538703ef98bf2f4318249ac3a2c229938dbea name: prefetch-dependencies when: - input: $(params.hermetic) @@ -184,7 +184,7 @@ spec: runAfter: - prefetch-dependencies taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-buildah:0.1@sha256:8607f9b9d7696e156f186f3fc379ab2e4472c865431ef423e19a26f8707a2961 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-buildah:0.1@sha256:9e7be6d3f2cde33fabfda9d454757530ce7f73e2414c00da1a3ebabf95fc52c5 name: buildah when: - input: $(tasks.init.results.build) @@ -205,7 +205,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-inspect-image:0.1@sha256:9873371b41de7f8bcda4dfbbbd4c8fe2af95c1236cdf61d8b4617f445e460aad + bundle: quay.io/redhat-appstudio-tekton-catalog/task-inspect-image:0.1@sha256:ff8a4844ac36a8cbeecf02874e73952f314089cf497037ed762fa01dde397225 name: inspect-image when: - input: $(params.skip-checks) @@ -251,7 +251,7 @@ spec: - name: BASE_IMAGES_DIGESTS value: $(tasks.build-container.results.BASE_IMAGES_DIGESTS) taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-deprecated-image-check:0.3@sha256:88b6fd5ffc29d67cd39a30634b70bf874f1894f9a7791dfc0d95980498c01d26 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-deprecated-image-check:0.3@sha256:61f9b273432c6d087393de6ab972a2f7af1c385a1cc36447b215dabf5d9ba0de name: deprecated-image-check when: - input: $(params.skip-checks) @@ -269,7 +269,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-clair-scan:0.1@sha256:ec6156c4a4a0777eb59a0355b9ad8257c1d39dc28b8eb8dea1446b3f682a77a8 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-clair-scan:0.1@sha256:fe27ccc0603b63b313329b76aa888523dabf7368fc25e976fcccc4d52bb3a5e3 name: clair-scan when: - input: $(params.skip-checks) @@ -283,7 +283,7 @@ spec: runAfter: - clone-repository taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:cdb08029043d69502fe119c21aa4da3d1fdf1b16f3783f5e9dac1874e5c168e0 + bundle: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:339903f4a95b45b3f2dd4e6941b84679eaa70683bde83f46b0d835680c7aae8b name: sast-snyk-check when: - input: $(params.skip-checks) @@ -308,7 +308,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-clamav-scan:0.1@sha256:d4f0bffa30afd8d8f35c73761620fc9bd3830e5fbe3236cf16b3d76575f7afca + bundle: quay.io/redhat-appstudio-tekton-catalog/task-clamav-scan:0.1@sha256:de8c855a71d5bb6b838246f5c5a1a420747379b9cca047ce79b89c9b53812267 name: clamav-scan when: - input: $(params.skip-checks) @@ -324,7 +324,7 @@ spec: runAfter: - build-container taskRef: - bundle: quay.io/redhat-appstudio-tekton-catalog/task-sbom-json-check:0.1@sha256:4a43362f0050de37e7dc23ab46faee9536e7946cf7b7b1e15727ac8c82f2e3bc + bundle: quay.io/redhat-appstudio-tekton-catalog/task-sbom-json-check:0.1@sha256:563150a37f3802ab481be73b562f02f5a26ac3a11f116f247096620fe7a1ca48 name: sbom-json-check when: - input: $(params.skip-checks)