From 21c1992fa37251c2faf4aac99ba90bc4c83e0456 Mon Sep 17 00:00:00 2001
From: Avi Biton <abiton@redhat.com>
Date: Mon, 7 Oct 2024 12:07:27 +0300
Subject: [PATCH] add rpms-signature-scan task to pipeline

add rpms-signature-scan task to pipeline

Signed-off-by: Avi Biton <abiton@redhat.com>
---
 .tekton/notification-service-pull-request.yaml | 17 +++++++++++++++++
 .tekton/notification-service-push.yaml         | 17 +++++++++++++++++
 2 files changed, 34 insertions(+)

diff --git a/.tekton/notification-service-pull-request.yaml b/.tekton/notification-service-pull-request.yaml
index 45a96e5..ce1e70d 100644
--- a/.tekton/notification-service-pull-request.yaml
+++ b/.tekton/notification-service-pull-request.yaml
@@ -321,6 +321,23 @@ spec:
         operator: in
         values:
         - "false"
+    - name: rpms-signature-scan
+      params:
+      - name: image-digest
+        value: $(tasks.build-container.results.IMAGE_DIGEST)
+      - name: image-url
+        value: $(tasks.build-container.results.IMAGE_URL)
+      runAfter:
+      - build-container
+      taskRef:
+        params:
+        - name: name
+          value: rpms-signature-scan
+        - name: bundle
+          value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.1@sha256:8e3515fdc0bbc0bcac994482a2396a8cd23e6a6fa9efaf3ec715ee312a376777
+        - name: kind
+          value: task
+        resolver: bundles
     - name: ecosystem-cert-preflight-checks
       params:
       - name: image-url
diff --git a/.tekton/notification-service-push.yaml b/.tekton/notification-service-push.yaml
index dcc0767..ea14bb3 100644
--- a/.tekton/notification-service-push.yaml
+++ b/.tekton/notification-service-push.yaml
@@ -318,6 +318,23 @@ spec:
         operator: in
         values:
         - "false"
+    - name: rpms-signature-scan
+      params:
+      - name: image-digest
+        value: $(tasks.build-container.results.IMAGE_DIGEST)
+      - name: image-url
+        value: $(tasks.build-container.results.IMAGE_URL)
+      runAfter:
+      - build-container
+      taskRef:
+        params:
+        - name: name
+          value: rpms-signature-scan
+        - name: bundle
+          value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.1@sha256:8e3515fdc0bbc0bcac994482a2396a8cd23e6a6fa9efaf3ec715ee312a376777
+        - name: kind
+          value: task
+        resolver: bundles
     - name: ecosystem-cert-preflight-checks
       params:
       - name: image-url