buildah-sast: migrate to the new buildah interface

konflux-ci · Oct 25, 2024 · 8e03ea8 · 8e03ea8
1 parent 5dc857c
commit 8e03ea8
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 6 deletions.
diff --git a/task/buildah-sast/0.2/patch.yaml b/task/buildah-sast/0.2/patch.yaml
@@ -56,9 +56,9 @@
 - op: add
   path: /spec/steps/0/env/-
   value:
-    name: VOLUME_MOUNTS_FROM_ENV
-    value: >-
-      --volume /tmp/sast-scan-results:/sast-scan-results
+    name: ADDITIONAL_VOLUME_MOUNTS
+    value: |-
+      /tmp/sast-scan-results:/sast-scan-results
 
 # Add prepare and postprocess steps
   # Prepare step
@@ -75,6 +75,9 @@
         memory: 0.5Gi
         cpu: '0.5'
     workingDir: $(workspaces.source.path)
+    env:
+      - name: DOCKERFILE
+        value: $(params.DOCKERFILE)
     script: |
       # Dockerfile discovery logic is copied from buildah task
       SOURCE_CODE_DIR=source
@@ -101,10 +104,12 @@
       fi
 
       # Modify Dockerfile
-      sed -i '1 i\ARG NEW_ARG=default-value' $dockerfile_path
+      sed '1 i\ARG NEW_ARG=default-value' $dockerfile_path | tee /shared/Containerfile
 
-      echo 'Modified Dockerfile:'
-      cat $dockerfile_path
+  # Make the buildah task use the instrumented Dockerfile
+- op: replace
+  path: /spec/steps/1/env/1/value  # steps -> build -> env -> DOCKERFILE
+  value: /shared/Containerfile
 
   # Postprocess step
 - op: add

diff --git a/task/buildah-sast/OWNERS b/task/buildah-sast/OWNERS
@@ -0,0 +1,5 @@
+# See the OWNERS docs: https://go.k8s.io/owners
+approvers:
+  - build-team
+reviewers:
+  - build-team