diff --git a/internal/pipelines/check-embargoed-cves/README.md b/internal/pipelines/check-embargoed-cves/README.md index 0afd9f0db..bc2fdbc7c 100644 --- a/internal/pipelines/check-embargoed-cves/README.md +++ b/internal/pipelines/check-embargoed-cves/README.md @@ -6,6 +6,11 @@ result will be the list of embargoed CVEs. ## Parameters -| Name | Description | Optional | Default value | -|------|--------------------------------------------------------------------------------------------|----------|---------------| -| cves | String containing a space separated list of CVEs to check (e.g. 'CVE-123 CVE-234 CVE-345') | No | - | +| Name | Description | Optional | Default value | +|-----------------|--------------------------------------------------------------------------------------------|----------|-----------------------------------------------------------| +| cves | String containing a space separated list of CVEs to check (e.g. 'CVE-123 CVE-234 CVE-345') | No | - | +| taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | Yes | https://github.com/konflux-ci/release-service-catalog.git | +| taskGitRevision | The revision in the taskGitUrl repo to be used | No | - | + +## Changes in 1.0.0 +* Added taskGiturl and taskGitRevision parameters so the task can be called via git resolvers diff --git a/internal/pipelines/check-embargoed-cves/check-embargoed-cves.yaml b/internal/pipelines/check-embargoed-cves/check-embargoed-cves.yaml index 22cdd15db..a31f8d327 100644 --- a/internal/pipelines/check-embargoed-cves/check-embargoed-cves.yaml +++ b/internal/pipelines/check-embargoed-cves/check-embargoed-cves.yaml @@ -4,7 +4,7 @@ kind: Pipeline metadata: name: check-embargoed-cves labels: - app.kubernetes.io/version: "0.1.0" + app.kubernetes.io/version: "1.0.0" annotations: tekton.dev/pipelines.minVersion: "0.12.1" tekton.dev/tags: release @@ -16,10 +16,24 @@ spec: type: string description: | String containing a space separated list of CVEs to check (e.g. 'CVE-123 CVE-234 CVE-345') + - name: taskGitUrl + type: string + description: The url to the git repo where the release-service-catalog tasks to be used are stored + default: https://github.com/konflux-ci/release-service-catalog.git + - name: taskGitRevision + type: string + description: The revision in the taskGitUrl repo to be used tasks: - name: check-embargoed-cves-task taskRef: - name: check-embargoed-cves-task + resolver: "git" + params: + - name: url + value: $(params.taskGitUrl) + - name: revision + value: $(params.taskGitRevision) + - name: pathInRepo + value: tasks/internal/check-embargoed-cves-task/check-embargoed-cves-task.yaml params: - name: cves value: $(params.cves) diff --git a/internal/resources/check-embargoed-cves-task.yaml b/internal/resources/check-embargoed-cves-task.yaml deleted file mode 120000 index e071f73c0..000000000 --- a/internal/resources/check-embargoed-cves-task.yaml +++ /dev/null @@ -1 +0,0 @@ -../../tasks/internal/check-embargoed-cves-task/check-embargoed-cves-task.yaml \ No newline at end of file diff --git a/pipelines/managed/rh-advisories/README.md b/pipelines/managed/rh-advisories/README.md index fdfc9161c..30a7b931d 100644 --- a/pipelines/managed/rh-advisories/README.md +++ b/pipelines/managed/rh-advisories/README.md @@ -23,6 +23,9 @@ the rh-push-to-registry-redhat-io pipeline. | taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | Yes | https://github.com/konflux-ci/release-service-catalog.git | | taskGitRevision | The revision in the taskGitUrl repo to be used | No | - | +## Changes in 1.8.2 +* Pass taskGitUrl and taskGitRevision to embargo-check task + ## Changes in 1.8.1 * Set timeout for rh-sign-image-cosign task to be 6 hrs diff --git a/pipelines/managed/rh-advisories/rh-advisories.yaml b/pipelines/managed/rh-advisories/rh-advisories.yaml index 6b4307242..a8ca102a4 100644 --- a/pipelines/managed/rh-advisories/rh-advisories.yaml +++ b/pipelines/managed/rh-advisories/rh-advisories.yaml @@ -4,7 +4,7 @@ kind: Pipeline metadata: name: rh-advisories labels: - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.8.2" annotations: tekton.dev/pipelines.minVersion: "0.12.1" tekton.dev/tags: release @@ -252,6 +252,10 @@ spec: value: "$(tasks.collect-data.results.data)" - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: $(params.taskGitUrl) + - name: taskGitRevision + value: $(params.taskGitRevision) taskRef: params: - name: url diff --git a/tasks/managed/embargo-check/README.md b/tasks/managed/embargo-check/README.md index 97068748a..024b781fd 100644 --- a/tasks/managed/embargo-check/README.md +++ b/tasks/managed/embargo-check/README.md @@ -10,6 +10,11 @@ by server using curl and checks the CVEs via an InternalRequest. If any issue or | dataPath | Path to data JSON in the data workspace | No | - | | requestTimeout | InternalRequest timeout | Yes | 180 | | pipelineRunUid | The uid of the current pipelineRun. Used as a label value when creating internal requests | No | - | +| taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | No | - | +| taskGitRevision | The revision in the taskGitUrl repo to be used | No | - | + +## Changes in 0.5.0 +* Added taskGiturl and taskGitRevision parameters to be passed to the internalRequest ## Changes in 0.4.1 * fix linting issues in embargo-check task diff --git a/tasks/managed/embargo-check/embargo-check.yaml b/tasks/managed/embargo-check/embargo-check.yaml index 5db66155d..033f4380b 100644 --- a/tasks/managed/embargo-check/embargo-check.yaml +++ b/tasks/managed/embargo-check/embargo-check.yaml @@ -4,7 +4,7 @@ kind: Task metadata: name: embargo-check labels: - app.kubernetes.io/version: "0.4.1" + app.kubernetes.io/version: "0.5.0" annotations: tekton.dev/pipelines.minVersion: "0.12.1" tekton.dev/tags: release @@ -24,6 +24,12 @@ spec: - name: pipelineRunUid type: string description: The uid of the current pipelineRun. Used as a label value when creating internal requests + - name: taskGitUrl + type: string + description: The url to the git repo where the release-service-catalog tasks to be used are stored + - name: taskGitRevision + type: string + description: The revision in the taskGitUrl repo to be used workspaces: - name: data description: The workspace where the snapshot spec json file resides @@ -97,6 +103,8 @@ spec: internal-request -r "check-embargoed-cves" \ -p cves="${CVES}" \ + -p taskGitUrl="$(params.taskGitUrl)" \ + -p taskGitRevision="$(params.taskGitRevision)" \ -l ${PIPELINERUN_LABEL}="$(params.pipelineRunUid)" \ -t "$(params.requestTimeout)" \ -s true \ diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-cve.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-cve.yaml index 06cfcc078..e5ac5080b 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-cve.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-cve.yaml @@ -66,6 +66,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-issue.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-issue.yaml index dbaf73e25..ba56c71ad 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-issue.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-embargoed-issue.yaml @@ -50,6 +50,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-fail-no-data-json.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-fail-no-data-json.yaml index 2b2285076..c3a7b0e23 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-fail-no-data-json.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-fail-no-data-json.yaml @@ -18,6 +18,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-ir-failure.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-ir-failure.yaml index d8eee6182..edd257ae7 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-ir-failure.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-ir-failure.yaml @@ -66,6 +66,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-no-release-notes.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-no-release-notes.yaml index d728dff81..0d3d0ceef 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-no-release-notes.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-no-release-notes.yaml @@ -35,6 +35,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-public-cves.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-public-cves.yaml index 24119f38e..556fa09e4 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-public-cves.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-public-cves.yaml @@ -64,6 +64,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace diff --git a/tasks/managed/embargo-check/tests/test-embargo-check-public-issues.yaml b/tasks/managed/embargo-check/tests/test-embargo-check-public-issues.yaml index 7e3cbf9de..a99c36eaf 100644 --- a/tasks/managed/embargo-check/tests/test-embargo-check-public-issues.yaml +++ b/tasks/managed/embargo-check/tests/test-embargo-check-public-issues.yaml @@ -48,6 +48,10 @@ spec: value: data.json - name: pipelineRunUid value: $(context.pipelineRun.uid) + - name: taskGitUrl + value: "http://localhost" + - name: taskGitRevision + value: "main" workspaces: - name: data workspace: tests-workspace