chore(deps): update konflux references #244

Merged
openshift-merge-bot[bot] merged 1 commit into release-4.19 from konflux/references/release-4.19 on Jul 9, 2025


@red-hat-konflux red-hat-konflux bot commented Jun 21, 2025

This PR contains the following updates:

| Package | Change | Notes |
|---|---|---|
| quay.io/konflux-ci/tekton-catalog/task-apply-tags | 0c411c2 -> 517a51e | |
| quay.io/konflux-ci/tekton-catalog/task-build-image-index | 3cf3dcc -> 846dc99 | |
| quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta | 28d8a4f -> 5b8d51f | |
| quay.io/konflux-ci/tekton-catalog/task-clair-scan | 68a8fe2 -> d354939 | |
| quay.io/konflux-ci/tekton-catalog/task-clamav-scan | 386c8c3 -> 9cab95a | |
| quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check | 9e81eae -> db2b267 | |
| quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check | ecd3366 -> 3c8b81f | |
| quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks | 8a2d3ce -> b550ff4 | |
| quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta | 0e512b1 -> d35e5d5 | |
| quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta | d0cbc49 -> a1ddc34 | |
| quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta | 995df79 -> 5d8013b | |
| quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan | ec7f6de -> 1b6c20a | |
| quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta | dda889f -> d3fdca2 | |
| quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta | 12aa943 -> 808bcaf | |
| quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta | 0947e18 -> e61f541 | |
| quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta | 0.2 -> 0.3 | ⚠️migration⚠️ |
| quay.io/konflux-ci/tekton-catalog/task-show-sbom | 002f7c8 -> 1b1df4d | |
| quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta | f0784e8 -> b424894 | |

Configuration

📅 Schedule: Branch creation - "after 5am on saturday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

@openshift-ci openshift-ci bot requested review from fontivan and rauhersu June 21, 2025 08:33
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/references/release-4.19 branch from b5c2cd8 to 438c0a6 Compare June 28, 2025 11:17
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/references/release-4.19 branch from 438c0a6 to 940ce5d Compare July 5, 2025 08:37

leo8a commented Jul 8, 2025

/lgtm

seems that this needs to be merged in order to address violations observed in Konflux jobs at #111 (e.g., related to "rpms-signature-scan" task)

cc: @imiller0 @irinamihai

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 8, 2025

leo8a commented Jul 8, 2025

also ccing @rauhersu and @fontivan, this repo has the rpms-signature-scan task, but its sha is different than the one in TALM for instance...

This PR has a fix updating to that sha (among other things inside that I'm not quite sure are currently needed)


fontivan commented Jul 8, 2025

/lgtm

> seems that this needs to be merged in order to address violations observed in Konflux jobs at #111 (e.g., related to "rpms-signature-scan" task)
>
> cc: @imiller0 @irinamihai

The sha could be different if renovate ran at different times on different projects, since it will just return the latest version when it runs

Unless the older version is causing a problem I would not worry about the minor difference, it will sync on the next pass again


leo8a commented Jul 8, 2025

> Unless the older version is causing a problem I would not worry about the minor difference, it will sync on the next pass again

@fontivan, I managed to get the logs of the failed Konflux jobs (see snippet below). From what I can see, it seems to be causing issues like we need to update to the 1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120 version (which is part of this PR).

Untrusted version of PipelineTask "rpms-signature-scan" (Task "rpms-signature-scan") was included in build chain comprised of: rpms-signature-scan. Please upgrade the task version to: sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120
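
Added example, not part of the PR or of the Konflux project's code: a small check that reads the required digest out of a violation line like the one quoted above and compares it with the digest pinned in a pipeline definition. The pipeline fragment, its `bundle` parameter layout, the `0.2` tag and the stale digest are constructed assumptions; only the violation text and the required digest come from this page.

```python
import re

# Violation text as quoted in the PR conversation above.
VIOLATION = (
    'Untrusted version of PipelineTask "rpms-signature-scan" (Task '
    '"rpms-signature-scan") was included in build chain comprised of: '
    "rpms-signature-scan. Please upgrade the task version to: "
    "sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120"
)

# Constructed pipeline fragment (assumed bundle-resolver layout and tag);
# the stale digest is a placeholder, not a real image digest.
STALE = "a" * 64
PIPELINE = f"""
    - name: rpms-signature-scan
      taskRef:
        params:
        - name: bundle
          value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:{STALE}
"""

VIOLATION_RE = re.compile(
    r'Untrusted version of PipelineTask "[^"]+" \(Task "([^"]+)"\).*?'
    r"upgrade the task version to: sha256:([0-9a-f]{64})"
)
BUNDLE_RE = re.compile(
    r"quay\.io/konflux-ci/tekton-catalog/task-([a-z0-9-]+):[^@\s]+@sha256:([0-9a-f]{64})"
)

def required_digests(log_text):
    """Map task name -> digest the policy check asks for."""
    return {m.group(1): m.group(2) for m in VIOLATION_RE.finditer(log_text)}

def pinned_digests(pipeline_text):
    """Map task name -> digest currently pinned in the pipeline definition."""
    return {m.group(1): m.group(2) for m in BUNDLE_RE.finditer(pipeline_text)}

def stale_tasks(log_text, pipeline_text):
    """Return {task: (pinned, required)} for every task whose pin differs."""
    pinned = pinned_digests(pipeline_text)
    return {
        task: (pinned.get(task), want)
        for task, want in required_digests(log_text).items()
        if pinned.get(task) != want
    }

if __name__ == "__main__":
    for task, (have, want) in stale_tasks(VIOLATION, PIPELINE).items():
        print(f"{task}: pinned {have}, required {want}")
```

A task that appears in the log but has no bundle reference in the pipeline text is reported with a pinned value of `None`.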


rauhersu commented Jul 8, 2025

Yes, that would solve your problem @leo8a. There is no other bot update, so I am guessing we might merge this as the most recent.

/ok-to-test
/lgtm

@openshift-ci openshift-ci bot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Jul 8, 2025

shajmakh commented Jul 9, 2025

/approve


openshift-ci bot commented Jul 9, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: red-hat-konflux[bot], shajmakh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 9, 2025
@openshift-merge-bot openshift-merge-bot bot merged commit d3ed470 into release-4.19 Jul 9, 2025
8 checks passed