diff --git a/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-eventmesh-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-eventmesh-116.yaml index b03b9f52..77d56cdb 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-eventmesh-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-eventmesh-116.yaml @@ -3,11 +3,17 @@ kind: Component metadata: annotations: build.appstudio.openshift.io/pipeline: '{"name":"docker-build","bundle":"latest"}' + build.appstudio.openshift.io/request: configure-pac-no-mr name: kn-backstage-plugins-eventmesh-116 spec: componentName: kn-backstage-plugins-eventmesh-116 application: serverless-operator-136 + build-nudges-ref: + + - "serverless-bundle-136" + + source: git: url: https://github.com/openshift-knative/backstage-plugins.git diff --git a/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-migrate-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-migrate-116.yaml index dd022bfe..dba5fe04 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-migrate-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-migrate-116.yaml @@ -3,11 +3,17 @@ kind: Component metadata: annotations: build.appstudio.openshift.io/pipeline: '{"name":"docker-build","bundle":"latest"}' + build.appstudio.openshift.io/request: configure-pac-no-mr name: kn-backstage-plugins-migrate-116 spec: componentName: kn-backstage-plugins-migrate-116 application: serverless-operator-136 + build-nudges-ref: + + - "serverless-bundle-136" + + source: git: url: https://github.com/openshift-knative/backstage-plugins.git diff --git a/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-test-eventshub-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-test-eventshub-116.yaml index fba01307..82fc2a2b 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-test-eventshub-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-backstage-plugins-test-eventshub-116.yaml @@ -3,11 +3,17 @@ kind: Component metadata: annotations: build.appstudio.openshift.io/pipeline: '{"name":"docker-build","bundle":"latest"}' + build.appstudio.openshift.io/request: configure-pac-no-mr name: kn-backstage-plugins-test-eventshub-116 spec: componentName: kn-backstage-plugins-test-eventshub-116 application: serverless-operator-136 + build-nudges-ref: + + - "serverless-bundle-136" + + source: git: url: https://github.com/openshift-knative/backstage-plugins.git diff --git a/.konflux/applications/serverless-operator-136/tests/ec-test.yaml b/.konflux/applications/serverless-operator-136/tests/ec-test.yaml index f06b8864..d3ed696d 100755 --- a/.konflux/applications/serverless-operator-136/tests/ec-test.yaml +++ b/.konflux/applications/serverless-operator-136/tests/ec-test.yaml @@ -1,17 +1,19 @@ apiVersion: appstudio.redhat.com/v1beta2 kind: IntegrationTestScenario metadata: - name: serverless-operator-136-enterprise-contract + name: serverless-operator-136-ec spec: params: - name: POLICY_CONFIGURATION value: rhtap-releng-tenant/registry-standard-stage - name: TIMEOUT - value: "45m0s" + value: "120m" + - name: WORKERS + value: "8" application: serverless-operator-136 contexts: - description: Application testing - name: application + name: push resolverRef: params: - name: url diff --git a/.konflux/applications/serverless-operator-136/tests/override-snapshot-ec-test.yaml b/.konflux/applications/serverless-operator-136/tests/override-snapshot-ec-test.yaml new file mode 100755 index 00000000..ac2338ad --- /dev/null +++ b/.konflux/applications/serverless-operator-136/tests/override-snapshot-ec-test.yaml @@ -0,0 +1,25 @@ +apiVersion: appstudio.redhat.com/v1beta2 +kind: IntegrationTestScenario +metadata: + name: serverless-operator-136-ec-override-snapshot +spec: + params: + - name: POLICY_CONFIGURATION + value: rhtap-releng-tenant/registry-ocp-serverless-prod + - name: TIMEOUT + value: "120m" + - name: WORKERS + value: "8" + application: serverless-operator-136 + contexts: + - description: Override Snapshot testing + name: override + resolverRef: + params: + - name: url + value: 'https://github.com/redhat-appstudio/build-definitions' + - name: revision + value: main + - name: pathInRepo + value: pipelines/enterprise-contract.yaml + resolver: git diff --git a/.tekton/docker-build.yaml b/.tekton/docker-build.yaml index 36d2a6c4..eaa62b18 100755 --- a/.tekton/docker-build.yaml +++ b/.tekton/docker-build.yaml @@ -429,6 +429,56 @@ spec: operator: in values: - "false" + - name: sast-shell-check + params: + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-shell-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:7553ec6925d0586b286502669b8e31a39dc73501f657426bac99019ac598d6ab + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: sast-unicode-check + params: + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-shell-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:7553ec6925d0586b286502669b8e31a39dc73501f657426bac99019ac598d6ab + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" - name: push-dockerfile params: - name: IMAGE diff --git a/.tekton/kn-backstage-plugins-eventmesh-116-pull-request.yaml b/.tekton/kn-backstage-plugins-eventmesh-116-pull-request.yaml index f8539588..bead9297 100755 --- a/.tekton/kn-backstage-plugins-eventmesh-116-pull-request.yaml +++ b/.tekton/kn-backstage-plugins-eventmesh-116-pull-request.yaml @@ -21,11 +21,11 @@ spec: value: openshift/ci-operator/knative-images/eventmesh/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic diff --git a/.tekton/kn-backstage-plugins-eventmesh-116-push.yaml b/.tekton/kn-backstage-plugins-eventmesh-116-push.yaml index 3d4e8e4d..57677d96 100755 --- a/.tekton/kn-backstage-plugins-eventmesh-116-push.yaml +++ b/.tekton/kn-backstage-plugins-eventmesh-116-push.yaml @@ -20,11 +20,11 @@ spec: value: openshift/ci-operator/knative-images/eventmesh/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic @@ -35,6 +35,7 @@ spec: value: '{{revision}}' - name: additional-tags value: + - $(context.pipelineRun.uid)-{{revision}} - 1.36.0 - latest pipelineRef: diff --git a/.tekton/kn-backstage-plugins-migrate-116-pull-request.yaml b/.tekton/kn-backstage-plugins-migrate-116-pull-request.yaml index 627a8072..046fa1cf 100755 --- a/.tekton/kn-backstage-plugins-migrate-116-pull-request.yaml +++ b/.tekton/kn-backstage-plugins-migrate-116-pull-request.yaml @@ -21,11 +21,11 @@ spec: value: openshift/ci-operator/knative-images/migrate/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic diff --git a/.tekton/kn-backstage-plugins-migrate-116-push.yaml b/.tekton/kn-backstage-plugins-migrate-116-push.yaml index 176ddc5c..55d9c9b3 100755 --- a/.tekton/kn-backstage-plugins-migrate-116-push.yaml +++ b/.tekton/kn-backstage-plugins-migrate-116-push.yaml @@ -20,11 +20,11 @@ spec: value: openshift/ci-operator/knative-images/migrate/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic @@ -35,6 +35,7 @@ spec: value: '{{revision}}' - name: additional-tags value: + - $(context.pipelineRun.uid)-{{revision}} - 1.36.0 - latest pipelineRef: diff --git a/.tekton/kn-backstage-plugins-test-eventshub-116-pull-request.yaml b/.tekton/kn-backstage-plugins-test-eventshub-116-pull-request.yaml index 16c8365d..6e6bcab1 100755 --- a/.tekton/kn-backstage-plugins-test-eventshub-116-pull-request.yaml +++ b/.tekton/kn-backstage-plugins-test-eventshub-116-pull-request.yaml @@ -21,11 +21,11 @@ spec: value: openshift/ci-operator/knative-test-images/eventshub/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic diff --git a/.tekton/kn-backstage-plugins-test-eventshub-116-push.yaml b/.tekton/kn-backstage-plugins-test-eventshub-116-push.yaml index 07352ab2..43e8b49f 100755 --- a/.tekton/kn-backstage-plugins-test-eventshub-116-push.yaml +++ b/.tekton/kn-backstage-plugins-test-eventshub-116-push.yaml @@ -20,11 +20,11 @@ spec: value: openshift/ci-operator/knative-test-images/eventshub/Dockerfile - name: build-args value: - - VERSION=1.36.0 - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 - name: git-url value: '{{source_url}}' - name: hermetic @@ -35,6 +35,7 @@ spec: value: '{{revision}}' - name: additional-tags value: + - $(context.pipelineRun.uid)-{{revision}} - 1.36.0 - latest pipelineRef: diff --git a/openshift/ci-operator/build-image/Dockerfile b/openshift/ci-operator/build-image/Dockerfile index deaa5319..c141d4fb 100755 --- a/openshift/ci-operator/build-image/Dockerfile +++ b/openshift/ci-operator/build-image/Dockerfile @@ -19,7 +19,7 @@ RUN wget https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && RUN ./get-helm-3 --version v3.11.3 --no-sudo && helm version RUN GOFLAGS='' go install github.com/mikefarah/yq/v3@latest -RUN GOFLAGS='' go install -tags="exclude_graphdriver_btrfs containers_image_openpgp" github.com/containers/skopeo/cmd/skopeo@v1.16.1 +RUN GOFLAGS='' go install -tags="exclude_graphdriver_btrfs containers_image_openpgp" github.com/containers/skopeo/cmd/skopeo@v1.17.0 # go install creates $GOPATH/.cache with root permissions, we delete it here # to avoid permission issues with the runtime users