From be6abc6189289b1f0d7ce3e7a5818a47b7387e66 Mon Sep 17 00:00:00 2001 From: ccronca Date: Mon, 12 Aug 2024 17:37:41 +0200 Subject: [PATCH] fix(KONFLUX-3663): upload SAST results to quay.io Configure the SAST task to upload SARIF results to quay.io for long-term storage Signed-off-by: ccronca --- .tekton/jira-unfurl-bot-saas-main-pull-request.yaml | 7 ++++++- .tekton/jira-unfurl-bot-saas-main-push.yaml | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/.tekton/jira-unfurl-bot-saas-main-pull-request.yaml b/.tekton/jira-unfurl-bot-saas-main-pull-request.yaml index 9d2f0d2..46a05ee 100644 --- a/.tekton/jira-unfurl-bot-saas-main-pull-request.yaml +++ b/.tekton/jira-unfurl-bot-saas-main-pull-request.yaml @@ -343,7 +343,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -361,6 +361,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest diff --git a/.tekton/jira-unfurl-bot-saas-main-push.yaml b/.tekton/jira-unfurl-bot-saas-main-push.yaml index d6bb30b..918a341 100644 --- a/.tekton/jira-unfurl-bot-saas-main-push.yaml +++ b/.tekton/jira-unfurl-bot-saas-main-push.yaml @@ -340,7 +340,7 @@ spec: - "false" - name: sast-snyk-check runAfter: - - clone-repository + - build-container taskRef: params: - name: name @@ -358,6 +358,11 @@ spec: workspaces: - name: workspace workspace: workspace + params: + - name: image-digest + value: $(tasks.build-container.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-container.results.IMAGE_URL) - name: clamav-scan params: - name: image-digest