Changes

go.mod: switch to go 1.18
Update cosign dependency to latest : this fixes a bunch of security issues

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you review them:

[x] Run make test lint before submitting a PR
[x] Includes tests (if functionality changed/added)
[ ] Includes docs (if user facing)
[x] Commit messages follow commit message best practices

See the contribution guide for more details.

Release Notes

Update cosign to v1.11.0

Sep 12 '22 10:09 vdemeester

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

Sep 12 '22 10:09 tekton-robot

New changes are detected. LGTM label has been removed.

Sep 13 '22 12:09 tekton-robot

/retest

Sep 13 '22 15:09 vdemeester

/retest

Sep 14 '22 07:09 vdemeester

/test pull-tekton-operator-integration-tests

Oct 10 '22 17:10 afrittoli

--- FAIL: TestTektonChainsGettingStartedTutorial (92.87s)
    --- PASS: TestTektonChainsGettingStartedTutorial/create-pipeline (20.03s)
    --- PASS: TestTektonChainsGettingStartedTutorial/create-chain (10.03s)
    --- PASS: TestTektonChainsGettingStartedTutorial/create_cosign_key_pair (1.65s)
    --- PASS: TestTektonChainsGettingStartedTutorial/replace_Chains_ConfigMap (0.10s)
    --- PASS: TestTektonChainsGettingStartedTutorial/restart_chains_pod (0.10s)
    --- PASS: TestTektonChainsGettingStartedTutorial/create_TaskRun (0.18s)
    --- PASS: TestTektonChainsGettingStartedTutorial/wait_for_TaskRun_to_succeed (20.04s)
    --- PASS: TestTektonChainsGettingStartedTutorial/wait_for_TaskRun_to_get_signed (0.01s)
    --- FAIL: TestTektonChainsGettingStartedTutorial/cosign_verify-blob (0.01s)

I guess the failure is an actual one here?

Oct 10 '22 17:10 afrittoli

https://github.com/tektoncd/operator/blob/ed48f3dfbf6394c936cdbbeee00ecdde173f9630/test/e2e/common/04_tektonchainsgettingstartedtutorial_test.go#L212

Oct 10 '22 17:10 afrittoli

@vdemeester: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-tekton-operator-integration-tests	64921b6851f576c0692aa0acf3580f813deb226e	link	true	`/test pull-tekton-operator-integration-tests`

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

Oct 10 '22 18:10 tekton-robot

@vdemeester: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Oct 11 '22 13:10 tekton-robot

@vdemeester cosign has been bumped, can you rebase the PR if there are any other changes or close if no other changes?

Oct 27 '22 05:10 piyush-garg

I'll close for now..

Oct 27 '22 13:10 vdemeester

operator
operator copied to clipboard

cosign dependency bump

Changes

Submitter Checklist

Release Notes

operator operator copied to clipboard

cosign dependency bump

Changes

Submitter Checklist

Release Notes

operator
operator copied to clipboard