Skip to content

Update Konflux references#1153

Open
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit intorelease-1.7from
konflux/references/release-1.7
Open

Update Konflux references#1153
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit intorelease-1.7from
konflux/references/release-1.7

Conversation

@red-hat-konflux-kflux-prd-rh02
Copy link
Copy Markdown

@red-hat-konflux-kflux-prd-rh02 red-hat-konflux-kflux-prd-rh02 bot commented Apr 4, 2026
edited
Loading

This PR contains the following updates:

Package Change Notes
quay.io/konflux-ci/tekton-catalog/task-apply-tags (source, changelog) 0.20.3 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-build-image-index (source, changelog) 0.10.3 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta (source, changelog) 0.40.9 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta (source, changelog) 0.40.9 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-clair-scan (source, changelog) 0.20.3 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-clamav-scan (source, changelog) 0.20.3 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check (source, changelog) db2b2678b50144
quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check (source, changelog) f485ef85ff16b7
quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks (source, changelog) f99d2bdb4ac586
quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta (source, changelog) be82c552c388d2
quay.io/konflux-ci/tekton-catalog/task-init (source, changelog) 0.20.4 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta (source, changelog) 0.20.3 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta (source, changelog) 0.10.3 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan (source, changelog) 1b6c20a7f2e8ed
quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta (source, changelog) f9ca942e92d00e
quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta (source, changelog) bf7bddec4ef47e
quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta (source, changelog) fe5e5ba2ad986f
quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta (source, changelog) 0.30.4 ⚠️migration⚠️
quay.io/konflux-ci/tekton-catalog/task-show-sbom (source, changelog) 86c069c04994df
quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta (source, changelog) bfec1fa362f047

Release Notes

konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-apply-tags)

v0.3

  • Switched from bash implementation to Konflux Build CLI.
  • Deprecated older 0.1 and 0.2 versions.
konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-build-image-index)

v0.3

Changed
  • The task now uses konflux-build-cli for the build step instead of an inline bash
    implementation. This provides more robust error handling and simplified maintenance.
  • When ALWAYS_BUILD_INDEX is false and multiple images are provided, the task now
    creates an image index instead of failing. The previous behavior (failing with an error)
    was not useful.
  • Image reference validation is now stricter and will fail earlier for invalid formats.
Removed
  • COMMIT_SHA parameter (was not used by the task implementation)
  • IMAGE_EXPIRES_AFTER parameter (was not used by the task implementation)
Added
  • Started tracking changes in this file.
konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta)

v0.9

Changed
  • The task now sets org.opencontainers.image.ref.name annotation in the
    locally stored OCI image index. This is not a user-facing change. It is for
    optimizing buildah-remote-oci-ta task.

v0.8

Fixed
  • Platform build arguments (BUILDPLATFORM, TARGETPLATFORM) now correctly include CPU variant
    for ARM architectures (e.g., linux/arm/v7 or linux/arm64/v8 instead of just linux/arm
    or linux/arm64).

v0.7

Added
  • Started tracking changes in this file.
konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta)

v0.9

Changed
  • The buildah image now uses version 1.4.1 of konflux-ci/task-runner
    • This version pulls in version 1.42.1 of syft that ensures 'redhat' is used as the namespace for hummingbird rpms

v0.8

Fixed
  • Platform build arguments (BUILDPLATFORM, TARGETPLATFORM) now correctly include CPU variant
    for ARM architectures (e.g., linux/arm/v7 or linux/arm64/v8 instead of just linux/arm
    or linux/arm64).

v0.7

Added
  • Started tracking changes in this file.
konflux-ci/konflux-test-tasks (quay.io/konflux-ci/tekton-catalog/task-clair-scan)

v0.3

Changed
  • Replaced quay.io/konflux-ci/oras:latest image with quay.io/konflux-ci/task-runner:1.5.0 in the oci-attach-report step.
konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-init)

v0.4

  • Task started using konflux build cli instead of bash script.

v0.3

  • Remove params image-url, rebuild and skip-checks
  • Remove task result build
konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta)

v0.3

  • Removed deprecated dev-package-managers parameter.
  • Switched from bash implementation to Konflux Build CLI.
konflux-ci/build-definitions (quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta)

v0.3

Fixed
  • Use Dockerfile as the file name in the uploaded artifact, regardless of the name of the actual file.

v0.2

Removed
  • BREAKING: Support for Dockerfile downloading in Konflux Build Pipeline.

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux-kflux-prd-rh02
Copy link
Copy Markdown
Author

red-hat-konflux-kflux-prd-rh02 bot commented Apr 4, 2026

Caution

There are some errors in your PipelineRun template.

PipelineRun Error
compliance-operator-must-gather-release-1-7-on-push CEL expression evaluation error: failed to parse expression "event == \"push\" && target_branch == \"release-1.7\" ( \"images/must-gather/***\".pathChanged() || \".tekton/*-must-gather-release-*.yaml\".pathChanged() || \"images/must-gather/Containerfile\".pathChanged() || \"utils/***\".pathChanged() || \"LICENSE\".pathChanged() )": ERROR: <input>:1:51: Syntax error: mismatched input '(' expecting <EOF> | event == "push" && target_branch == "release-1.7" ( "images/must-gather/***".pathChanged() || ".tekton/*-must-gather-release-*.yaml".pathChanged() || "images/must-gather/Containerfile".pathChanged() || "utils/***".pathChanged() || "LICENSE".pathChanged() ) | ..................................................^
compliance-operator-openscap-release-1-7-on-push CEL expression evaluation error: failed to parse expression "event == \"push\" && target_branch == \"release-1.7\" ( \"images/openscap/***\".pathChanged() || \".tekton/*-openscap-release-*.yaml\".pathChanged() || \"images/openscap/Containerfile\".pathChanged() || \"LICENSE\".pathChanged() )": ERROR: <input>:1:51: Syntax error: mismatched input '(' expecting <EOF> | event == "push" && target_branch == "release-1.7" ( "images/openscap/***".pathChanged() || ".tekton/*-openscap-release-*.yaml".pathChanged() || "images/openscap/Containerfile".pathChanged() || "LICENSE".pathChanged() ) | ..................................................^
compliance-operator-release-1-7-on-pull-request CEL expression evaluation error: expression "event == \"pull_request\" && target_branch == \"release-1.7\" && ( \".tekton/compliance-operator-release-1-7-pull-request*.yaml\".pathChanged() || \"*.go\".pathChanged() || \"pkg/**/*.go\".pathChanged() || \"cmd/**/*.go\".pathChanged() || \"version/***\".pathChaned() || \"config/***\".pathChanged() || \"*Makefile*\".pathChanged() || \"vendor/***\".pathChanged() || \"tests/***\".pathChanged() || \"LICENSE\".pathChanged() )" check failed: ERROR: <input>:1:252: undeclared reference to 'pathChaned' (in container '') | event == "pull_request" && target_branch == "release-1.7" && ( ".tekton/compliance-operator-release-1-7-pull-request*.yaml".pathChanged() || "*.go".pathChanged() || "pkg/**/*.go".pathChanged() || "cmd/**/*.go".pathChanged() || "version/***".pathChaned() || "config/***".pathChanged() || "*Makefile*".pathChanged() || "vendor/***".pathChanged() || "tests/***".pathChanged() || "LICENSE".pathChanged() ) | ...........................................................................................................................................................................................................................................................^
compliance-operator-release-1-7-on-push CEL expression evaluation error: expression "event == \"push\" && target_branch == \"release-1.7\" && ( \".tekton/compliance-operator-release-1-7-push.yaml\".pathChanged() || \"*.go\".pathChanged() || \"pkg/**/*.go\".pathChanged() || \"cmd/**/*.go\".pathChanged() || \"version/***\".pathChaned() || \"config/***\".pathChanged() || \"*Makefile*\".pathChanged() || \"vendor/***\".pathChanged() || \"tests/***\".pathChanged() || \"LICENSE\".pathChanged() )" check failed: ERROR: <input>:1:235: undeclared reference to 'pathChaned' (in container '') | event == "push" && target_branch == "release-1.7" && ( ".tekton/compliance-operator-release-1-7-push.yaml".pathChanged() || "*.go".pathChanged() || "pkg/**/*.go".pathChanged() || "cmd/**/*.go".pathChanged() || "version/***".pathChaned() || "config/***".pathChanged() || "*Makefile*".pathChanged() || "vendor/***".pathChanged() || "tests/***".pathChanged() || "LICENSE".pathChanged() ) | ..........................................................................................................................................................................................................................................^

1 similar comment
@red-hat-konflux-kflux-prd-rh02
Copy link
Copy Markdown
Author

red-hat-konflux-kflux-prd-rh02 bot commented Apr 4, 2026

Caution

There are some errors in your PipelineRun template.

PipelineRun Error
compliance-operator-must-gather-release-1-7-on-push CEL expression evaluation error: failed to parse expression "event == \"push\" && target_branch == \"release-1.7\" ( \"images/must-gather/***\".pathChanged() || \".tekton/*-must-gather-release-*.yaml\".pathChanged() || \"images/must-gather/Containerfile\".pathChanged() || \"utils/***\".pathChanged() || \"LICENSE\".pathChanged() )": ERROR: <input>:1:51: Syntax error: mismatched input '(' expecting <EOF> | event == "push" && target_branch == "release-1.7" ( "images/must-gather/***".pathChanged() || ".tekton/*-must-gather-release-*.yaml".pathChanged() || "images/must-gather/Containerfile".pathChanged() || "utils/***".pathChanged() || "LICENSE".pathChanged() ) | ..................................................^
compliance-operator-openscap-release-1-7-on-push CEL expression evaluation error: failed to parse expression "event == \"push\" && target_branch == \"release-1.7\" ( \"images/openscap/***\".pathChanged() || \".tekton/*-openscap-release-*.yaml\".pathChanged() || \"images/openscap/Containerfile\".pathChanged() || \"LICENSE\".pathChanged() )": ERROR: <input>:1:51: Syntax error: mismatched input '(' expecting <EOF> | event == "push" && target_branch == "release-1.7" ( "images/openscap/***".pathChanged() || ".tekton/*-openscap-release-*.yaml".pathChanged() || "images/openscap/Containerfile".pathChanged() || "LICENSE".pathChanged() ) | ..................................................^
compliance-operator-release-1-7-on-pull-request CEL expression evaluation error: expression "event == \"pull_request\" && target_branch == \"release-1.7\" && ( \".tekton/compliance-operator-release-1-7-pull-request*.yaml\".pathChanged() || \"*.go\".pathChanged() || \"pkg/**/*.go\".pathChanged() || \"cmd/**/*.go\".pathChanged() || \"version/***\".pathChaned() || \"config/***\".pathChanged() || \"*Makefile*\".pathChanged() || \"vendor/***\".pathChanged() || \"tests/***\".pathChanged() || \"LICENSE\".pathChanged() )" check failed: ERROR: <input>:1:252: undeclared reference to 'pathChaned' (in container '') | event == "pull_request" && target_branch == "release-1.7" && ( ".tekton/compliance-operator-release-1-7-pull-request*.yaml".pathChanged() || "*.go".pathChanged() || "pkg/**/*.go".pathChanged() || "cmd/**/*.go".pathChanged() || "version/***".pathChaned() || "config/***".pathChanged() || "*Makefile*".pathChanged() || "vendor/***".pathChanged() || "tests/***".pathChanged() || "LICENSE".pathChanged() ) | ...........................................................................................................................................................................................................................................................^
compliance-operator-release-1-7-on-push CEL expression evaluation error: expression "event == \"push\" && target_branch == \"release-1.7\" && ( \".tekton/compliance-operator-release-1-7-push.yaml\".pathChanged() || \"*.go\".pathChanged() || \"pkg/**/*.go\".pathChanged() || \"cmd/**/*.go\".pathChanged() || \"version/***\".pathChaned() || \"config/***\".pathChanged() || \"*Makefile*\".pathChanged() || \"vendor/***\".pathChanged() || \"tests/***\".pathChanged() || \"LICENSE\".pathChanged() )" check failed: ERROR: <input>:1:235: undeclared reference to 'pathChaned' (in container '') | event == "push" && target_branch == "release-1.7" && ( ".tekton/compliance-operator-release-1-7-push.yaml".pathChanged() || "*.go".pathChanged() || "pkg/**/*.go".pathChanged() || "cmd/**/*.go".pathChanged() || "version/***".pathChaned() || "config/***".pathChanged() || "*Makefile*".pathChanged() || "vendor/***".pathChanged() || "tests/***".pathChanged() || "LICENSE".pathChanged() ) | ..........................................................................................................................................................................................................................................^

@openshift-ci openshift-ci bot requested review from xiaojiey and yuumasato April 4, 2026 08:08
@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Apr 4, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux-kflux-prd-rh02[bot]
Once this PR has been reviewed and has the lgtm label, please assign rhmdnd for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Apr 4, 2026

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 4, 2026

🤖 To deploy this PR, run the following command:

make catalog-deploy CATALOG_IMG=ghcr.io/complianceascode/compliance-operator-catalog:1153-1b550d24d5f72041438a7026c16b5e7bca0f0716

@red-hat-konflux-kflux-prd-rh02
Update Konflux references
aee29b0 
Signed-off-by: red-hat-konflux-kflux-prd-rh02 <190377777+red-hat-konflux-kflux-prd-rh02[bot]@users.noreply.github.com>
@red-hat-konflux-kflux-prd-rh02 red-hat-konflux-kflux-prd-rh02 bot force-pushed the konflux/references/release-1.7 branch from 1b550d2 to aee29b0 Compare April 11, 2026 04:08
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 11, 2026

🤖 To deploy this PR, run the following command:

make catalog-deploy CATALOG_IMG=ghcr.io/complianceascode/compliance-operator-catalog:1153-aee29b0d2323d9f73fc02a92f174b511cc938292

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xiaojiey xiaojiey Awaiting requested review from xiaojiey

@yuumasato yuumasato Awaiting requested review from yuumasato

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

docs-approved ok-to-test px-approved qe-approved

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants