Skip to content

Commit 7376cf5

Browse files
simonbairdsimonbaird
authored
Merge pull request #3000 from simonbaird/upgrade-oauth2-and-konflux-refs-v06
Upgrade go deps & konflux refs, add CPE label (v0.6)
2 parents 142e7a9 + 9b8c73e commit 7376cf5

File tree

11 files changed

+1537
-343
lines changed

11 files changed

+1537
-343
lines changed

.tekton/cli-v06-pull-request.yaml

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -150,7 +150,7 @@ spec:
150150
- name: name
151151
value: init
152152
- name: bundle
153-
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:ded314206f09712b2116deb050b774ae7efef9ab243794334c8e616871a3ffa5
153+
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:bbf313b09740fb39b3343bc69ee94b2a2c21d16a9304f9b7c111c305558fc346
154154
- name: kind
155155
value: task
156156
resolver: bundles
@@ -175,7 +175,7 @@ spec:
175175
- name: name
176176
value: git-clone-oci-ta
177177
- name: bundle
178-
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:4a601aeec58a1dd89c271e728fd8f0d84777825b46940c3aec27f15bab3edacf
178+
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:f21c34e50500edc84e4889d85fd71a80d79182b16c044adc7f5ecda021c6dfc7
179179
- name: kind
180180
value: task
181181
resolver: bundles
@@ -206,7 +206,7 @@ spec:
206206
- name: name
207207
value: prefetch-dependencies-oci-ta
208208
- name: bundle
209-
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:05551e144d090844903d61893a383fa4dc69ab563797f03ffaab0f8624bf530d
209+
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:dc82a7270aace9b1c26f7e96f8ccab2752e53d32980c41a45e1733baad76cde6
210210
- name: kind
211211
value: task
212212
resolver: bundles
@@ -249,7 +249,7 @@ spec:
249249
- name: name
250250
value: buildah-oci-ta
251251
- name: bundle
252-
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:c9ef8d723f5c3d65ec910d6fdb74607332620289ab083d6c97c602226fe7a8d2
252+
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:ac0a0b717e7bc44182e280aa76abc8cac2f2f9b5283c790a502b5bbe0466a42c
253253
- name: kind
254254
value: task
255255
resolver: bundles
@@ -278,7 +278,7 @@ spec:
278278
- name: name
279279
value: build-image-index
280280
- name: bundle
281-
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:ba7fbed5c4862968c1a77d6b90d5bdd497925ab1de41b859c027dd5c3069cd3e
281+
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:79784d53749584bc5a8de32142ec4e2f01cdbf42c20d94e59280e0b927c8597d
282282
- name: kind
283283
value: task
284284
resolver: bundles
@@ -304,7 +304,7 @@ spec:
304304
- name: name
305305
value: source-build-oci-ta
306306
- name: bundle
307-
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:7a36cc284c5932c18e117fe5995f3246b5dcc11ec742b66a2f9ae710034b064f
307+
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:36d44f2924f60da00a079a9ab7ce25ad8b2ad593c16d90509203c125ff0ccd46
308308
- name: kind
309309
value: task
310310
resolver: bundles
@@ -330,7 +330,7 @@ spec:
330330
- name: name
331331
value: deprecated-image-check
332332
- name: bundle
333-
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:c49732039f105de809840be396f83ead8c46f6a6948e1335b76d37e9eb469574
333+
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:f59175d9a0a60411738228dfe568af4684af4aa5e7e05c832927cb917801d489
334334
- name: kind
335335
value: task
336336
resolver: bundles
@@ -372,7 +372,7 @@ spec:
372372
- name: name
373373
value: ecosystem-cert-preflight-checks
374374
- name: bundle
375-
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:e106b6182e72c8f34ceae3f56b0b1aa2b4dc60f573877d9e51c3791029a7acb6
375+
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:7db70c6cf23f39b9aad8b75285df31ed2c1213d87842cd4502ffc268808c96c6
376376
- name: kind
377377
value: task
378378
resolver: bundles
@@ -398,7 +398,7 @@ spec:
398398
- name: name
399399
value: sast-snyk-check-oci-ta
400400
- name: bundle
401-
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:e371aa09c65ab309138b4aeae9ea4dd93f83119c5cc61e9f2057fe5bb518fbe9
401+
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:181d63c126e3119a9d57b8feed4eb66a875b5208c3e90724c22758e65dca8733
402402
- name: kind
403403
value: task
404404
resolver: bundles
@@ -420,7 +420,7 @@ spec:
420420
- name: name
421421
value: clamav-scan
422422
- name: bundle
423-
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:a1de3c8134db8119480a726d60e96a6c4907f81b92b789e7d39d78d239ab638c
423+
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:40555593de346dd3083410c9517d52c3f27e27cb66f447054f4f66fcff56e23f
424424
- name: kind
425425
value: task
426426
resolver: bundles
@@ -494,7 +494,7 @@ spec:
494494
- name: name
495495
value: apply-tags
496496
- name: bundle
497-
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:e0de426d492e195f59c99d2ea1ca0df7bfb8c689f5d1468fe7f70eb8684b8d02
497+
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:f44be1bf0262471f2f503f5e19da5f0628dcaf968c86272a2ad6b4871e708448
498498
- name: kind
499499
value: task
500500
resolver: bundles
@@ -517,7 +517,7 @@ spec:
517517
- name: name
518518
value: push-dockerfile-oci-ta
519519
- name: bundle
520-
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:235ef6e835de8171c07b8a7f8947d0b40bfcff999e1ff3cb6ddd9acc65c48430
520+
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:2bc5b3afc5de56da0f06eac60b65e86f6b861b16a63f48579fc0bac7d657e14c
521521
- name: kind
522522
value: task
523523
resolver: bundles
@@ -534,7 +534,7 @@ spec:
534534
- name: name
535535
value: rpms-signature-scan
536536
- name: bundle
537-
value: quay.io/konflux-ci/konflux-vanguard/task-rpms-signature-scan:0.2@sha256:c943625383f1cb95f9fd99506d13a5a12b9c91e7796ea14e228093f9d4995d10
537+
value: quay.io/konflux-ci/konflux-vanguard/task-rpms-signature-scan:0.2@sha256:06977232e67509e5540528ff6c3b081b23fc5bf3e40fb3e2d09a086d5c3243fc
538538
- name: kind
539539
value: task
540540
resolver: bundles

.tekton/cli-v06-push.yaml

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -149,7 +149,7 @@ spec:
149149
- name: name
150150
value: init
151151
- name: bundle
152-
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:ded314206f09712b2116deb050b774ae7efef9ab243794334c8e616871a3ffa5
152+
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:bbf313b09740fb39b3343bc69ee94b2a2c21d16a9304f9b7c111c305558fc346
153153
- name: kind
154154
value: task
155155
resolver: bundles
@@ -174,7 +174,7 @@ spec:
174174
- name: name
175175
value: git-clone-oci-ta
176176
- name: bundle
177-
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:4a601aeec58a1dd89c271e728fd8f0d84777825b46940c3aec27f15bab3edacf
177+
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:f21c34e50500edc84e4889d85fd71a80d79182b16c044adc7f5ecda021c6dfc7
178178
- name: kind
179179
value: task
180180
resolver: bundles
@@ -205,7 +205,7 @@ spec:
205205
- name: name
206206
value: prefetch-dependencies-oci-ta
207207
- name: bundle
208-
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:05551e144d090844903d61893a383fa4dc69ab563797f03ffaab0f8624bf530d
208+
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:dc82a7270aace9b1c26f7e96f8ccab2752e53d32980c41a45e1733baad76cde6
209209
- name: kind
210210
value: task
211211
resolver: bundles
@@ -248,7 +248,7 @@ spec:
248248
- name: name
249249
value: buildah-oci-ta
250250
- name: bundle
251-
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:c9ef8d723f5c3d65ec910d6fdb74607332620289ab083d6c97c602226fe7a8d2
251+
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:ac0a0b717e7bc44182e280aa76abc8cac2f2f9b5283c790a502b5bbe0466a42c
252252
- name: kind
253253
value: task
254254
resolver: bundles
@@ -277,7 +277,7 @@ spec:
277277
- name: name
278278
value: build-image-index
279279
- name: bundle
280-
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:ba7fbed5c4862968c1a77d6b90d5bdd497925ab1de41b859c027dd5c3069cd3e
280+
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:79784d53749584bc5a8de32142ec4e2f01cdbf42c20d94e59280e0b927c8597d
281281
- name: kind
282282
value: task
283283
resolver: bundles
@@ -303,7 +303,7 @@ spec:
303303
- name: name
304304
value: source-build-oci-ta
305305
- name: bundle
306-
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:7a36cc284c5932c18e117fe5995f3246b5dcc11ec742b66a2f9ae710034b064f
306+
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:36d44f2924f60da00a079a9ab7ce25ad8b2ad593c16d90509203c125ff0ccd46
307307
- name: kind
308308
value: task
309309
resolver: bundles
@@ -329,7 +329,7 @@ spec:
329329
- name: name
330330
value: deprecated-image-check
331331
- name: bundle
332-
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:c49732039f105de809840be396f83ead8c46f6a6948e1335b76d37e9eb469574
332+
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:f59175d9a0a60411738228dfe568af4684af4aa5e7e05c832927cb917801d489
333333
- name: kind
334334
value: task
335335
resolver: bundles
@@ -371,7 +371,7 @@ spec:
371371
- name: name
372372
value: ecosystem-cert-preflight-checks
373373
- name: bundle
374-
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:e106b6182e72c8f34ceae3f56b0b1aa2b4dc60f573877d9e51c3791029a7acb6
374+
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:7db70c6cf23f39b9aad8b75285df31ed2c1213d87842cd4502ffc268808c96c6
375375
- name: kind
376376
value: task
377377
resolver: bundles
@@ -397,7 +397,7 @@ spec:
397397
- name: name
398398
value: sast-snyk-check-oci-ta
399399
- name: bundle
400-
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:e371aa09c65ab309138b4aeae9ea4dd93f83119c5cc61e9f2057fe5bb518fbe9
400+
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:181d63c126e3119a9d57b8feed4eb66a875b5208c3e90724c22758e65dca8733
401401
- name: kind
402402
value: task
403403
resolver: bundles
@@ -419,7 +419,7 @@ spec:
419419
- name: name
420420
value: clamav-scan
421421
- name: bundle
422-
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:a1de3c8134db8119480a726d60e96a6c4907f81b92b789e7d39d78d239ab638c
422+
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:40555593de346dd3083410c9517d52c3f27e27cb66f447054f4f66fcff56e23f
423423
- name: kind
424424
value: task
425425
resolver: bundles
@@ -493,7 +493,7 @@ spec:
493493
- name: name
494494
value: apply-tags
495495
- name: bundle
496-
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:e0de426d492e195f59c99d2ea1ca0df7bfb8c689f5d1468fe7f70eb8684b8d02
496+
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:f44be1bf0262471f2f503f5e19da5f0628dcaf968c86272a2ad6b4871e708448
497497
- name: kind
498498
value: task
499499
resolver: bundles
@@ -516,7 +516,7 @@ spec:
516516
- name: name
517517
value: push-dockerfile-oci-ta
518518
- name: bundle
519-
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:235ef6e835de8171c07b8a7f8947d0b40bfcff999e1ff3cb6ddd9acc65c48430
519+
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:2bc5b3afc5de56da0f06eac60b65e86f6b861b16a63f48579fc0bac7d657e14c
520520
- name: kind
521521
value: task
522522
resolver: bundles
@@ -533,7 +533,7 @@ spec:
533533
- name: name
534534
value: rpms-signature-scan
535535
- name: bundle
536-
value: quay.io/konflux-ci/konflux-vanguard/task-rpms-signature-scan:0.2@sha256:c943625383f1cb95f9fd99506d13a5a12b9c91e7796ea14e228093f9d4995d10
536+
value: quay.io/konflux-ci/konflux-vanguard/task-rpms-signature-scan:0.2@sha256:06977232e67509e5540528ff6c3b081b23fc5bf3e40fb3e2d09a086d5c3243fc
537537
- name: kind
538538
value: task
539539
resolver: bundles

Dockerfile.dist

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,8 @@ ARG TARGETARCH
5151
ARG CLI_NAME="Enterprise Contract"
5252

5353
LABEL \
54-
name="ec-cli" \
54+
name="rhtas/ec-rhel9" \
55+
cpe="cpe:/a:redhat:trusted_artifact_signer:1.2::el9" \
5556
description="${CLI_NAME} verifies and checks supply chain artifacts to ensure they meet security and business policies." \
5657
io.k8s.description="${CLI_NAME} verifies and checks supply chain artifacts to ensure they meet security and business policies." \
5758
summary="Provides the binaries for downloading the ${CLI_NAME} CLI. Also used as a runner image for Tekton tasks." \

acceptance/go.mod

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,6 @@ require (
110110
github.com/go-openapi/validate v0.24.0 // indirect
111111
github.com/gofrs/uuid v4.4.0+incompatible // indirect
112112
github.com/gogo/protobuf v1.3.2 // indirect
113-
github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
114113
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
115114
github.com/golang/protobuf v1.5.4 // indirect
116115
github.com/golang/snappy v0.0.4 // indirect
@@ -227,7 +226,7 @@ require (
227226
golang.org/x/crypto v0.38.0 // indirect
228227
golang.org/x/mod v0.22.0 // indirect
229228
golang.org/x/net v0.34.0 // indirect
230-
golang.org/x/oauth2 v0.26.0 // indirect
229+
golang.org/x/oauth2 v0.27.0 // indirect
231230
golang.org/x/sync v0.14.0 // indirect
232231
golang.org/x/sys v0.33.0 // indirect
233232
golang.org/x/term v0.32.0 // indirect

0 commit comments

Comments
 (0)