Skip to content
Snippets Groups Projects
Commit bbe88bee authored by Joel Takvorian's avatar Joel Takvorian Committed by Joel Takvorian
Browse files

Tekton add sast checks (#659)

parent 1451f70e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
.tekton/pipeline-ref.yaml
+ 50
0
View file @ bbe88bee
......@@ -387,6 +387,56 @@ spec:
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:8e817af22b04305676597a556a975bde8552949ca2bf8918bf62414f135f93c8
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.1@sha256:b9c3dfe732a0d9581c75d07d59043f675ddcbe5e9a3152daad99076bedfd5b85
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment