gardener / gardener-extension-networking-calico

Gardener extension controller for the Calico CNI network plugin.
https://gardener.cloud
Apache License 2.0
8 stars, 47 forks

Add SAST logs to OCM component descriptor #504

Closed ScheererJ closed 1 month ago

ScheererJ commented 1 month ago

How to categorize this PR?

/area networking /area compliance /area security /kind enhancement

What this PR does / why we need it:

Add SAST logs to OCM component descriptor.

Which issue(s) this PR fixes: Fixes #

Special notes for your reviewer:

Release note:

gardener-robot-ci-1 commented 1 month ago

This PR proposes changes that would break the pipeline definition:

gardener-extension-networking-calico-enhancement_enable-gosec-result-upload: Traceback (most recent call last):
  File "/usr/lib/python3.12/site-packages/concourse/replicator.py", line 141, in render
    definition_descriptor = self._render(definition_descriptor)
                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/site-packages/concourse/replicator.py", line 185, in _render
    'definition': factory.create_pipeline_definition(),
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/site-packages/concourse/factory.py", line 88, in create_pipeline_definition
    self._apply_traits(variant)
  File "/usr/lib/python3.12/site-packages/concourse/factory.py", line 177, in _apply_traits
    transformer.process_pipeline_args(pipeline_def)
  File "/usr/lib/python3.12/site-packages/concourse/model/traits/release.py", line 495, in process_pipeline_args
    raise ValueError(f'{asset=}\'s step_name refers to an absent build-step')
ValueError: asset=BuildstepLogAsset(ocm_labels=[{'name': 'gardener.cloud/purposes', 'value': ['lint', 'sast', 'gosec']}, {'name': 'gardener.cloud/comment', 'value': 'we use gosec (linter) for SAST scans\nsee: https://github.com/securego/gosec\nenabled by https://github.com/gardener/gardener-extension-networking-calico/pull/503\n'}], type='build-step-log', name='verify-build-step', step_name='verify', artefact_type='application/data', purposes=['lint', 'sast', 'gosec'], comment='we use gosec (linter) for SAST scans\nsee: https://github.com/securego/gosec\nenabled by https://github.com/gardener/gardener-extension-networking-calico/pull/503\n')'s step_name refers to an absent build-step

gardener-robot-ci-1 commented 1 month ago

The pipeline-definition has been fixed.