From 583b7a41e8b36933964b2dcf3db7caa8a3d59d68 Mon Sep 17 00:00:00 2001 From: ccronca Date: Wed, 14 Aug 2024 14:59:03 +0200 Subject: [PATCH 1/2] fix(KONFLUX-3663): format Tekton PipelineRun files Format PipelineRun files with yq for consistent indentation and format Signed-off-by: ccronca --- .tekton/kserve-agent-28-pull-request.yaml | 18 ++++---------- .tekton/kserve-agent-28-push.yaml | 22 ++++++----------- .../kserve-controller-28-pull-request.yaml | 18 ++++---------- .tekton/kserve-controller-28-push.yaml | 22 ++++++----------- .tekton/kserve-router-28-pull-request.yaml | 18 ++++---------- .tekton/kserve-router-28-push.yaml | 22 ++++++----------- ...e-storage-initializer-28-pull-request.yaml | 18 ++++---------- .../kserve-storage-initializer-28-push.yaml | 24 +++++++------------ 8 files changed, 49 insertions(+), 113 deletions(-) diff --git a/.tekton/kserve-agent-28-pull-request.yaml b/.tekton/kserve-agent-28-pull-request.yaml index c1be10c101f..6d194bbd11b 100644 --- a/.tekton/kserve-agent-28-pull-request.yaml +++ b/.tekton/kserve-agent-28-pull-request.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "pull_request" - && target_branch == "rhoai-2.8" - && ( !".tekton/**".pathChanged() || ".tekton/kserve-agent-28-pull-request.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"pull_request\" \n&& target_branch == \"rhoai-2.8\"\n&& ( !\".tekton/**\".pathChanged() || \".tekton/kserve-agent-28-pull-request.yaml\".pathChanged() )\n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-agent @@ -82,13 +78,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -112,16 +106,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: diff --git a/.tekton/kserve-agent-28-push.yaml b/.tekton/kserve-agent-28-push.yaml index c850a2270e3..487ef3bcffb 100644 --- a/.tekton/kserve-agent-28-push.yaml +++ b/.tekton/kserve-agent-28-push.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" build.appstudio.openshift.io/build-nudge-files: ".*.env, .*.json" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "push" - && target_branch == "rhoai-2.8" - && ( !".tekton/**".pathChanged() || ".tekton/kserve-agent-28-push.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"push\" \n&& target_branch == \"rhoai-2.8\" \n&& ( !\".tekton/**\".pathChanged() || \".tekton/kserve-agent-28-push.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-agent @@ -80,13 +76,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -110,16 +104,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: @@ -409,8 +401,8 @@ spec: - name: IMAGE value: $(tasks.build-container.results.IMAGE_URL) - name: ADDITIONAL_TAGS - value: - - '{{target_branch}}-{{revision}}' + value: + - '{{target_branch}}-{{revision}}' runAfter: - build-container taskRef: diff --git a/.tekton/kserve-controller-28-pull-request.yaml b/.tekton/kserve-controller-28-pull-request.yaml index aacfe950012..46fe205a902 100644 --- a/.tekton/kserve-controller-28-pull-request.yaml +++ b/.tekton/kserve-controller-28-pull-request.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "pull_request" - && target_branch == "rhoai-2.8" - && ( !".tekton/**".pathChanged() || ".tekton/kserve-controller-28-pull-request.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"pull_request\" \n&& target_branch == \"rhoai-2.8\" \n&& ( !\".tekton/**\".pathChanged() || \".tekton/kserve-controller-28-pull-request.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-controller @@ -82,13 +78,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -112,16 +106,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: diff --git a/.tekton/kserve-controller-28-push.yaml b/.tekton/kserve-controller-28-push.yaml index be8841589bf..55bf3448014 100644 --- a/.tekton/kserve-controller-28-push.yaml +++ b/.tekton/kserve-controller-28-push.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" build.appstudio.openshift.io/build-nudge-files: ".*.env, .*.json" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "push" - && target_branch == "rhoai-2.8" - && ( !".tekton/**".pathChanged() || ".tekton/kserve-controller-28-push.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"push\" \n&& target_branch == \"rhoai-2.8\" \n&& ( !\".tekton/**\".pathChanged() || \".tekton/kserve-controller-28-push.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-controller @@ -80,13 +76,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -110,16 +104,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: @@ -409,8 +401,8 @@ spec: - name: IMAGE value: $(tasks.build-container.results.IMAGE_URL) - name: ADDITIONAL_TAGS - value: - - '{{target_branch}}-{{revision}}' + value: + - '{{target_branch}}-{{revision}}' runAfter: - build-container taskRef: diff --git a/.tekton/kserve-router-28-pull-request.yaml b/.tekton/kserve-router-28-pull-request.yaml index cd70d6550f4..7f3b93d1b1b 100644 --- a/.tekton/kserve-router-28-pull-request.yaml +++ b/.tekton/kserve-router-28-pull-request.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "pull_request" - && target_branch == "rhoai-2.8" - && ( !".tekton/**".pathChanged() || ".tekton/kserve-router-28-pull-request.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"pull_request\" \n&& target_branch == \"rhoai-2.8\" \n&& ( !\".tekton/**\".pathChanged() || \".tekton/kserve-router-28-pull-request.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-router @@ -82,13 +78,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -112,16 +106,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: diff --git a/.tekton/kserve-router-28-push.yaml b/.tekton/kserve-router-28-push.yaml index 144fd459b01..6be20906829 100644 --- a/.tekton/kserve-router-28-push.yaml +++ b/.tekton/kserve-router-28-push.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" build.appstudio.openshift.io/build-nudge-files: ".*.env, .*.json" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "push" - && target_branch == "rhoai-2.8" - && ( !".tekton/**".pathChanged() || ".tekton/kserve-router-28-push.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"push\" \n&& target_branch == \"rhoai-2.8\" \n&& ( !\".tekton/**\".pathChanged() || \".tekton/kserve-router-28-push.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-router @@ -80,13 +76,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -110,16 +104,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: @@ -409,8 +401,8 @@ spec: - name: IMAGE value: $(tasks.build-container.results.IMAGE_URL) - name: ADDITIONAL_TAGS - value: - - '{{target_branch}}-{{revision}}' + value: + - '{{target_branch}}-{{revision}}' runAfter: - build-container taskRef: diff --git a/.tekton/kserve-storage-initializer-28-pull-request.yaml b/.tekton/kserve-storage-initializer-28-pull-request.yaml index c3b8a9c8293..bc3866a0221 100644 --- a/.tekton/kserve-storage-initializer-28-pull-request.yaml +++ b/.tekton/kserve-storage-initializer-28-pull-request.yaml @@ -7,11 +7,7 @@ metadata: build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "pull_request" - && target_branch == "rhoai-2.8" - && ( "python/**".pathChanged() || ".tekton/kserve-storage-initializer-28-pull-request.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"pull_request\" \n&& target_branch == \"rhoai-2.8\" \n&& ( \"python/**\".pathChanged() || \".tekton/kserve-storage-initializer-28-pull-request.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-storage-initializer @@ -82,13 +78,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -112,16 +106,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: diff --git a/.tekton/kserve-storage-initializer-28-push.yaml b/.tekton/kserve-storage-initializer-28-push.yaml index 2f350cdbb4c..57b4829bdf5 100644 --- a/.tekton/kserve-storage-initializer-28-push.yaml +++ b/.tekton/kserve-storage-initializer-28-push.yaml @@ -1,18 +1,14 @@ apiVersion: tekton.dev/v1 kind: PipelineRun metadata: -#test + #test annotations: build.appstudio.openshift.io/repo: https://github.com/red-hat-data-services/kserve?rev={{revision}} build.appstudio.redhat.com/commit_sha: '{{revision}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" build.appstudio.openshift.io/build-nudge-files: ".*.env, .*.json" - pipelinesascode.tekton.dev/on-cel-expression: | - event == "push" - && target_branch == "rhoai-2.8" - && ( "python/**".pathChanged() || ".tekton/kserve-storage-initializer-28-push.yaml".pathChanged() ) - && !"config/overlays/odh/params.env".pathChanged() + pipelinesascode.tekton.dev/on-cel-expression: "event == \"push\" \n&& target_branch == \"rhoai-2.8\" \n&& ( \"python/**\".pathChanged() || \".tekton/kserve-storage-initializer-28-push.yaml\".pathChanged() ) \n&& !\"config/overlays/odh/params.env\".pathChanged()\n" creationTimestamp: null labels: appstudio.openshift.io/application: kserve-storage-initializer @@ -81,13 +77,11 @@ spec: name: output-image type: string - default: . - description: Path to the source code of an application's component from where - to build image. + description: Path to the source code of an application's component from where to build image. name: path-context type: string - default: Dockerfile - description: Path to the Dockerfile inside the context specified by parameter - path-context + description: Path to the Dockerfile inside the context specified by parameter path-context name: dockerfile type: string - default: "false" @@ -111,16 +105,14 @@ spec: name: java type: string - default: "" - description: Image tag expiration time, time values could be something like - 1h, 2d, 3w for hours, days, and weeks, respectively. + description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively. name: image-expires-after - default: "false" description: Build a source image. name: build-source-image type: string - default: "" - description: Path to a file with build arguments which will be passed to podman - during build + description: Path to a file with build arguments which will be passed to podman during build name: build-args-file type: string results: @@ -410,8 +402,8 @@ spec: - name: IMAGE value: $(tasks.build-container.results.IMAGE_URL) - name: ADDITIONAL_TAGS - value: - - '{{target_branch}}-{{revision}}' + value: + - '{{target_branch}}-{{revision}}' runAfter: - build-container taskRef: From 73e92be08393061a0c0cc17ed9d1ad7ad6c45ed8 Mon Sep 17 00:00:00 2001 From: ccronca Date: Wed, 14 Aug 2024 14:59:04 +0200 Subject: [PATCH 2/2] fix(KONFLUX-3663): upload SAST results to quay.io Configure the SAST task to upload SARIF results to quay.io for long-term storage Signed-off-by: ccronca --- .tekton/kserve-agent-28-pull-request.yaml | 7 ++++++- .tekton/kserve-agent-28-push.yaml | 7 ++++++- .tekton/kserve-controller-28-pull-request.yaml | 7 ++++++- .tekton/kserve-controller-28-push.yaml | 7 ++++++- .tekton/kserve-router-28-pull-request.yaml | 7 ++++++- .tekton/kserve-router-28-push.yaml | 7 ++++++- .tekton/kserve-storage-initializer-28-pull-request.yaml | 7 ++++++- .tekton/kserve-storage-initializer-28-push.yaml | 7 ++++++- 8 files changed, 48 insertions(+), 8 deletions(-) diff --git a/.tekton/kserve-agent-28-pull-request.yaml b/.tekton/kserve-agent-28-pull-request.yaml index 6d194bbd11b..212a3b2f306 100644 --- a/.tekton/kserve-agent-28-pull-request.yaml +++ b/.tekton/kserve-agent-28-pull-request.yaml @@ -336,7 +336,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -354,6 +354,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-agent-28-push.yaml b/.tekton/kserve-agent-28-push.yaml index 487ef3bcffb..eaac864cdbe 100644 --- a/.tekton/kserve-agent-28-push.yaml +++ b/.tekton/kserve-agent-28-push.yaml @@ -334,7 +334,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -352,6 +352,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-controller-28-pull-request.yaml b/.tekton/kserve-controller-28-pull-request.yaml index 46fe205a902..e11516050f1 100644 --- a/.tekton/kserve-controller-28-pull-request.yaml +++ b/.tekton/kserve-controller-28-pull-request.yaml @@ -336,7 +336,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -354,6 +354,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-controller-28-push.yaml b/.tekton/kserve-controller-28-push.yaml index 55bf3448014..48581a2e4f2 100644 --- a/.tekton/kserve-controller-28-push.yaml +++ b/.tekton/kserve-controller-28-push.yaml @@ -334,7 +334,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -352,6 +352,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-router-28-pull-request.yaml b/.tekton/kserve-router-28-pull-request.yaml index 7f3b93d1b1b..833a526fc8b 100644 --- a/.tekton/kserve-router-28-pull-request.yaml +++ b/.tekton/kserve-router-28-pull-request.yaml @@ -336,7 +336,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -354,6 +354,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-router-28-push.yaml b/.tekton/kserve-router-28-push.yaml index 6be20906829..98b353b6e9d 100644 --- a/.tekton/kserve-router-28-push.yaml +++ b/.tekton/kserve-router-28-push.yaml @@ -334,7 +334,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -352,6 +352,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-storage-initializer-28-pull-request.yaml b/.tekton/kserve-storage-initializer-28-pull-request.yaml index bc3866a0221..f1bc2f38612 100644 --- a/.tekton/kserve-storage-initializer-28-pull-request.yaml +++ b/.tekton/kserve-storage-initializer-28-pull-request.yaml @@ -336,7 +336,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -354,6 +354,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/kserve-storage-initializer-28-push.yaml b/.tekton/kserve-storage-initializer-28-push.yaml index 57b4829bdf5..f2cfc088ef4 100644 --- a/.tekton/kserve-storage-initializer-28-push.yaml +++ b/.tekton/kserve-storage-initializer-28-push.yaml @@ -335,7 +335,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -353,6 +353,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest