enterprise-contract / ec-cli

Enterprise Contract command line interface
https://enterprisecontract.dev/docs/ec-cli/main/index.html
Apache License 2.0

chore(deps): update rhtap references (release-v0.2) #1654

Closed red-hat-konflux[bot] closed 1 month ago

red-hat-konflux[bot] commented 1 month ago

This PR contains the following updates:

Package Change
quay.io/redhat-appstudio-tekton-catalog/task-buildah 7cd8020 -> b8d5071
quay.io/redhat-appstudio-tekton-catalog/task-git-clone 729ed7f -> ae1249a
quay.io/redhat-appstudio-tekton-catalog/task-init 686109b -> b23c7a9

To execute skipped test pipelines write comment /ok-to-test

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 80.44%. Comparing base (d29fed5) to head (b4c778e).

Additional details and impacted files

[![Impacted file tree graph](https://app.codecov.io/gh/enterprise-contract/ec-cli/pull/1654/graphs/tree.svg?width=650&height=150&src=pr&token=CY5ORXJB33&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract)](https://app.codecov.io/gh/enterprise-contract/ec-cli/pull/1654?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract)

```diff
@@              Coverage Diff              @@
##           release-v0.2    #1654   +/-   ##
=============================================
  Coverage       80.44%   80.44%
=============================================
  Files              66       66
  Lines            4674     4674
=============================================
  Hits             3760     3760
  Misses            914      914
```

| [Flag](https://app.codecov.io/gh/enterprise-contract/ec-cli/pull/1654/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract) | Coverage Δ | |
|---|---|---|
| [generative](https://app.codecov.io/gh/enterprise-contract/ec-cli/pull/1654/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract) | `80.44% <ø> (ø)` | |
| [integration](https://app.codecov.io/gh/enterprise-contract/ec-cli/pull/1654/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract) | `80.44% <ø> (ø)` | |
| [unit](https://app.codecov.io/gh/enterprise-contract/ec-cli/pull/1654/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract) | `80.44% <ø> (ø)` | |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=enterprise-contract#carryforward-flags-in-the-pull-request-comment) to find out more.

simonbaird commented 1 month ago

It's failing the ec check because there are three high-severity CVEs considered fixed by Clair.

Vulnerabilities found: glibc-minimal-langpack-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important)), glibc-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important)), glibc-common-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important))

I'm assuming they're coming from a base image.

red-hat-konflux[bot] commented 1 month ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

simonbaird commented 1 month ago

With updated base images it's still failing... :thinking:

simonbaird commented 1 month ago

This shows newer package than the one listed as vulnerable:

```shell
podman run --rm -it --entrypoint /bin/bash registry.access.redhat.com/ubi9/go-toolset:1.21@sha256:f001ad1001a22fe5f6fc7d876fc172b01c1b7dcd6c498f83a07b425e24275a79 -c "dnf repoquery glibc-common"
...
glibc-common-0:2.34-100.el9_4.2.x86_64
podman run --rm -it --entrypoint /bin/bash registry.access.redhat.com/ubi9/ubi-minimal:9.4@sha256:2636170dc55a0931d013014a72ae26c0c2521d4b61a28354b3e2e5369fa335a3 -c "microdnf repoquery glibc-common"
...
glibc-common-2.34-100.el9_4.2.x86_64
```

:shrug:
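The comparison simonbaird is doing by eye above (is the glibc in the base image newer than the NVR Clair flagged?) can be automated. The following is an added example and is not code from ec-cli, Clair or Renovate. It parses the `Vulnerabilities found:` line quoted in the thread, splits name-version-release strings in the form both `dnf repoquery` (with a `0:` epoch) and `microdnf repoquery` (without) print, and compares epoch, version and release using the rpm segment rules (digit runs compare numerically, letter runs lexically, a numeric segment beats an alphabetic one, `~` marks a pre-release that sorts before everything). The sample scanner line and the two installed NVRs are constructed from the comments above; `triage`, `parse_nvr` and the other function names are this example's own.

```python
import re

# Constructed sample input: the scanner line quoted earlier in this thread, and
# the two repoquery results (dnf prints an explicit "0:" epoch, microdnf omits it).
CLAIR_LINE = (
    "Vulnerabilities found: glibc-minimal-langpack-2.34-83.el9_3.12 "
    "(RHSA-2024:3339: glibc security update (Important)), "
    "glibc-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important)), "
    "glibc-common-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important))"
)
INSTALLED = [
    "glibc-common-0:2.34-100.el9_4.2.x86_64",  # dnf form, epoch shown
    "glibc-common-2.34-100.el9_4.2.x86_64",    # microdnf form, epoch omitted
]

# rpm treats digit runs, letter runs and "~" as segments; ".", "_" and "+" are separators.
_TOKEN = re.compile(r"[0-9]+|[A-Za-z]+|~")
_ARCHES = (".x86_64", ".aarch64", ".ppc64le", ".s390x", ".noarch", ".src")


def rpmvercmp(a, b):
    """Compare two version or release strings with rpm's segment rules.
    Returns -1 if a < b, 0 if equal, 1 if a > b."""
    if a == b:
        return 0
    ta, tb = _TOKEN.findall(a), _TOKEN.findall(b)
    while ta and tb:
        x, y = ta.pop(0), tb.pop(0)
        if x == "~" or y == "~":
            if x != "~":          # only b is a pre-release, so a is newer
                return 1
            if y != "~":          # only a is a pre-release, so a is older
                return -1
            continue              # both "~": skip and keep comparing
        xd, yd = x.isdigit(), y.isdigit()
        if xd != yd:
            return 1 if xd else -1  # numeric segment outranks alphabetic
        if xd:
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x != y:
            return 1 if x > y else -1
    if not ta and not tb:
        return 0
    # Leftover segments make that side newer, unless the leftover is a "~".
    if ta:
        return -1 if ta[0] == "~" else 1
    return 1 if tb[0] == "~" else -1


def parse_nvr(nvr):
    """Split name-[epoch:]version-release[.arch] into (name, epoch, version, release)."""
    for arch in _ARCHES:
        if nvr.endswith(arch):
            nvr = nvr[: -len(arch)]
            break
    name, version, release = nvr.rsplit("-", 2)
    epoch = "0"                     # rpm treats a missing epoch as 0
    if ":" in version:
        epoch, version = version.split(":", 1)
    return name, epoch, version, release


def evrcmp(evr_a, evr_b):
    """Compare (epoch, version, release) tuples; epoch wins, then version, then release."""
    for x, y in zip(evr_a, evr_b):
        r = rpmvercmp(x, y)
        if r:
            return r
    return 0


def parse_findings(line):
    """Return [(flagged_nvr, advisory_text), ...] from a 'Vulnerabilities found:' line.
    The non-greedy match tolerates the nested parentheses in '(Important)'."""
    return [(m.group(1), m.group(2))
            for m in re.finditer(r"(\S+) \((.*?)\)(?:, |$)", line)]


def triage(scanner_line, installed_nvrs):
    """Map each flagged package name to True (image copy is newer than the flagged
    NVR), False (same or older) or None (package not present in the image)."""
    have = {}
    for nvr in installed_nvrs:
        name, *evr = parse_nvr(nvr)
        have[name] = tuple(evr)
    result = {}
    for flagged, _advisory in parse_findings(scanner_line):
        name, *evr = parse_nvr(flagged)
        result[name] = None if name not in have else evrcmp(have[name], tuple(evr)) > 0
    return result


if __name__ == "__main__":
    for name, verdict in triage(CLAIR_LINE, INSTALLED).items():
        print(f"{name}: {'newer than flagged' if verdict else verdict}")
```

On the sample input `glibc-common` comes back as newer than the flagged `2.34-83.el9_3.12`, which is the conclusion reached by hand above; the other two packages come back as `None` because only `glibc-common` was queried. Being newer than the NVR a scanner reported is not the same as being at or past the advisory's fixed version, which this thread does not state, so the result tells you the finding does not describe the queried image, not that the image is patched.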