Use Konflux-built Syft image #1336
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We want to switch from the quay.io/redhat-appstudio/syft image to registry.redhat.io/rh-syft-tech-preview/syft-rhel9. The new syft image is built on ubi-micro and doesn't include the 'find' util. Delete the symlinks already in the build step. This is broken for buildah-remote, because the generation script does not handle this part of the buildah script properly. To be fixed later. Signed-off-by: Adam Cmiel <[email protected]>
Use a multi-line string literal instead of repeatedly concatenating individual strings riddled with newline characters and confusing whitespace. Doesn't do much for the overall impossibility of reading the code, but at least the upcoming changes to this part will be possible to review. Signed-off-by: Adam Cmiel <[email protected]>
Some parts of the buildah script have to run in the cluster, not on the remote VM. But the task-generator doesn't know that, so it runs them on the VM (because they're in the buildah script) and hardcodes those that should run *again* in the cluster. Add symlink deletion to the hardcoded part. Signed-off-by: Adam Cmiel <[email protected]>
Switch from quay.io/redhat-appstudio/syft to registry.access.redhat.com/rh-syft-tech-preview/syft-rhel9. The latter is built and released via Konflux (from https://github.com/redhat-appstudio/rh-syft/) and is a bit more up to date. Signed-off-by: Adam Cmiel <[email protected]>
Signed-off-by: Adam Cmiel <[email protected]>
chmeliik
force-pushed
the
new-syft-image
branch
from
deedd3b to
e2b2b24
Compare
MartinBasti
reviewed
Aug 26, 2024
| @@ -426,7 +426,7 @@ spec: | |||
| add: | |||
| - SETFCAP | |||
| - name: sbom-syft-generate | |||
| image: quay.io/redhat-appstudio/syft:v0.105.1@sha256:1910b829997650c696881e5fc2fc654ddf3184c27edb1b2024e9cb2ba51ac431 | |||
| image: registry.access.redhat.com/rh-syft-tech-preview/syft-rhel9:1.4.1@sha256:34d7065427085a31dc4949bd283c001b91794d427e1e4cdf1b21ea4faf9fee3f | |||
There was a problem hiding this comment.
if syft is based on ubi9, why it's called syft-rhel9 and not syft-ubi9 ?
ubi and rhel is not the same
There was a problem hiding this comment.
Comet configuration. IIRC -ubi9 wasn't an option ¯\_(ツ)_/¯
(and "no suffix" also wasn't an option)
mkosiarc
approved these changes
Aug 27, 2024
mmorhun
approved these changes
Aug 27, 2024
tkdchen
approved these changes
Aug 27, 2024
chmeliik
added a commit
to chmeliik/build-tasks-dockerfiles
that referenced
this pull request
Aug 27, 2024
After konflux-ci/build-definitions#1336, build tasks no longer use this Syft image. Signed-off-by: Adam Cmiel <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
STONEBLD-2715
Switch from quay.io/redhat-appstudio/syft to
registry.access.redhat.com/rh-syft-tech-preview/syft-rhel9.
The latter is built and released via Konflux (from
https://github.com/redhat-appstudio/rh-syft/) and is a bit more up to
date.