diff --git a/.github/workflows/dependabot-deps.yaml b/.github/workflows/dependabot-deps.yaml index c67051bab2..08b73f2a93 100644 --- a/.github/workflows/dependabot-deps.yaml +++ b/.github/workflows/dependabot-deps.yaml @@ -1,3 +1,4 @@ + name: Dependabot on: @@ -7,7 +8,7 @@ permissions: contents: write jobs: - generate_some_code: + update-deps: name: Update deps runs-on: ubuntu-latest if: ${{ github.actor == 'dependabot[bot]' }} @@ -22,9 +23,13 @@ jobs: - name: Setup Golang uses: openshift-knative/hack/actions/setup-go@main - - name: Run ./hack/update-deps.sh + - name: Install yq + run: | + go install github.com/mikefarah/yq/v3@latest + + - name: Generate files working-directory: ./src/github.com/${{ github.repository }} - run: ./hack/update-deps.sh + run: make generated-files - name: git push working-directory: ./src/github.com/${{ github.repository }} @@ -34,6 +39,6 @@ jobs: git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" git config --local user.name "github-actions[bot]" git add . - git commit -m "Run ./hack/update-deps.sh" + git commit -m "Run make generated-files" git push fi diff --git a/.tekton/docker-build.yaml b/.tekton/docker-build.yaml index 39bd1bb37f..1bd2855d10 100755 --- a/.tekton/docker-build.yaml +++ b/.tekton/docker-build.yaml @@ -468,9 +468,9 @@ spec: taskRef: params: - name: name - value: sast-shell-check-oci-ta + value: sast-unicode-check-oci-ta - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:9b0138a597445f3887697da69c9b8b91368f0b72b98e9304fa209b43523bd6fb + value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.1@sha256:3a128580c41abdac5bd76d0d1e066f2f3473278ba9fab90639878a27ced7a0e6 - name: kind value: task resolver: bundles diff --git a/.tekton/fbc-builder.yaml b/.tekton/fbc-builder.yaml index 3cf62126bd..3a508761f9 100755 --- a/.tekton/fbc-builder.yaml +++ b/.tekton/fbc-builder.yaml @@ -321,6 +321,32 @@ spec: operator: in values: - "false" + - name: fbc-target-index-pruning-check + params: + - name: IMAGE_URL + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: IMAGE_DIGEST + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: TARGET_INDEX + value: registry.redhat.io/redhat/redhat-operator-index + - name: RENDERED_CATALOG_DIGEST + value: $(tasks.validate-fbc.results.RENDERED_CATALOG_DIGEST) + runAfter: + - validate-fbc + taskRef: + params: + - name: name + value: fbc-target-index-pruning-check + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-fbc-target-index-pruning-check:0.1@sha256:299c44a5d6930f7a2c878f20853c705f155231cae36d9f37add4cdb7e75e2e12 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" workspaces: - name: git-auth optional: true diff --git a/.tekton/serverless-bundle-135-pull-request.yaml b/.tekton/serverless-bundle-135-pull-request.yaml index 9a586bc38a..0848d47b08 100755 --- a/.tekton/serverless-bundle-135-pull-request.yaml +++ b/.tekton/serverless-bundle-135-pull-request.yaml @@ -8,7 +8,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-1.35" && ( files.all.exists(x, x.matches('^olm-catalog/serverless-operator/')) || files.all.exists(x, x.matches('^.tekton/')) ) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-bundle-135-push.yaml b/.tekton/serverless-bundle-135-push.yaml index 1e11ee074d..0bfce1ab04 100755 --- a/.tekton/serverless-bundle-135-push.yaml +++ b/.tekton/serverless-bundle-135-push.yaml @@ -7,7 +7,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-1.35" && ( files.all.exists(x, x.matches('^olm-catalog/serverless-operator/')) || files.all.exists(x, x.matches('^.tekton/')) ) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-ingress-135-pull-request.yaml b/.tekton/serverless-ingress-135-pull-request.yaml index c9dd2e91d6..0a494be755 100755 --- a/.tekton/serverless-ingress-135-pull-request.yaml +++ b/.tekton/serverless-ingress-135-pull-request.yaml @@ -8,7 +8,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-ingress-135-push.yaml b/.tekton/serverless-ingress-135-push.yaml index fdac18df2e..8e60a43dd5 100755 --- a/.tekton/serverless-ingress-135-push.yaml +++ b/.tekton/serverless-ingress-135-push.yaml @@ -7,7 +7,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-kn-operator-135-pull-request.yaml b/.tekton/serverless-kn-operator-135-pull-request.yaml index b324d90e7c..06a24e3038 100755 --- a/.tekton/serverless-kn-operator-135-pull-request.yaml +++ b/.tekton/serverless-kn-operator-135-pull-request.yaml @@ -8,7 +8,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-kn-operator-135-push.yaml b/.tekton/serverless-kn-operator-135-push.yaml index fac2568c5e..2ed476868c 100755 --- a/.tekton/serverless-kn-operator-135-push.yaml +++ b/.tekton/serverless-kn-operator-135-push.yaml @@ -7,7 +7,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-metadata-webhook-135-pull-request.yaml b/.tekton/serverless-metadata-webhook-135-pull-request.yaml index 293db887a5..1521ca294d 100755 --- a/.tekton/serverless-metadata-webhook-135-pull-request.yaml +++ b/.tekton/serverless-metadata-webhook-135-pull-request.yaml @@ -8,7 +8,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-metadata-webhook-135-push.yaml b/.tekton/serverless-metadata-webhook-135-push.yaml index abdd65ca68..e475a973ee 100755 --- a/.tekton/serverless-metadata-webhook-135-push.yaml +++ b/.tekton/serverless-metadata-webhook-135-push.yaml @@ -7,7 +7,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-must-gather-135-pull-request.yaml b/.tekton/serverless-must-gather-135-pull-request.yaml index bc4d0cf643..e15ae5ca56 100755 --- a/.tekton/serverless-must-gather-135-pull-request.yaml +++ b/.tekton/serverless-must-gather-135-pull-request.yaml @@ -8,7 +8,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-must-gather-135-push.yaml b/.tekton/serverless-must-gather-135-push.yaml index 18650ea0ac..f14148455a 100755 --- a/.tekton/serverless-must-gather-135-push.yaml +++ b/.tekton/serverless-must-gather-135-push.yaml @@ -7,7 +7,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-openshift-kn-operator-135-pull-request.yaml b/.tekton/serverless-openshift-kn-operator-135-pull-request.yaml index 53771bc883..c1ca279e0e 100755 --- a/.tekton/serverless-openshift-kn-operator-135-pull-request.yaml +++ b/.tekton/serverless-openshift-kn-operator-135-pull-request.yaml @@ -8,7 +8,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135 diff --git a/.tekton/serverless-openshift-kn-operator-135-push.yaml b/.tekton/serverless-openshift-kn-operator-135-push.yaml index 56ee7a0d8a..4e301e5bb0 100755 --- a/.tekton/serverless-openshift-kn-operator-135-push.yaml +++ b/.tekton/serverless-openshift-kn-operator-135-push.yaml @@ -7,7 +7,6 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-1.35" && files.all.exists(x, !x.matches('^olm-catalog/') && !x.matches('^.konflux-release/')) - build.appstudio.openshift.io/build-nudge-files: ".*Dockerfile.*,olm-catalog/.*.yaml,olm-catalog/.*.yml,.*Containerfile.*" creationTimestamp: null labels: appstudio.openshift.io/application: serverless-operator-135