search

openshift / source-to-image

A tool for building artifacts from source and injecting into container images
Apache License 2.0
2.46k stars 696 forks source link

fix(KONFLUX-3663): format PipelineRun files and upload SAST results #1166

Open ccronca opened 1 month ago

ccronca commented 1 month ago

This update configures the SAST task to upload SARIF results to quay.io for long-term storage

Please note that this PR was automatically generated and may include unrelated changes due to automatic YAML formatting performed by yq The YAML files will be indented using 2 spaces, if the YAML file uses indentationless list the automation will try to keep this format

The PR contains two separate commits:

  1. Format YAML files: Ensures consistent indentation and formatting of the YAML files
  2. Upload SAST results: Configures the PipelineRun files to enable uploading SARIF results to quay.io

Separating these changes into two commits simplifies the review process. The first commit focuses on indentation and formatting, while the second commit contains the semantic changes

Related:

openshift-ci[bot] commented 1 month ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ccronca Once this PR has been reviewed and has the lgtm label, please assign adambkaplan for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/openshift/source-to-image/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-ci[bot] commented 1 month ago

Hi @ccronca. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
adambkaplan commented 1 month ago

/ok-to-test

openshift-ci[bot] commented 1 month ago

@ccronca: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 46017d9142afb3aea529c0d21aefced140e8adc0 link false /test security

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).