Skip to content

Commit c44ae4e

Browse files
simonbairdsimonbaird
authored
Merge pull request #3197 from simonbaird/acceptance-policy-v08-pin
Use branch pinned policy refs in some acceptance tests
2 parents b409e59 + 808d8cb commit c44ae4e

10 files changed

Lines changed: 117 additions & 120 deletions

File tree

acceptance/go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ require (
4848
replace github.com/google/go-containerregistry => github.com/conforma/go-containerregistry v0.20.7-0.20250703195040-6f40a3734728
4949

5050
require (
51-
cel.dev/expr v0.24.0 // indirect
51+
cel.dev/expr v0.25.1 // indirect
5252
contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d // indirect
5353
contrib.go.opencensus.io/exporter/prometheus v0.4.2 // indirect
5454
dario.cat/mergo v1.0.2 // indirect
@@ -252,7 +252,7 @@ require (
252252
google.golang.org/api v0.260.0 // indirect
253253
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 // indirect
254254
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b // indirect
255-
google.golang.org/grpc v1.78.0 // indirect
255+
google.golang.org/grpc v1.79.3 // indirect
256256
google.golang.org/protobuf v1.36.11 // indirect
257257
gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
258258
gopkg.in/inf.v0 v0.9.1 // indirect

acceptance/go.sum

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY=
2-
cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw=
1+
cel.dev/expr v0.25.1 h1:1KrZg61W6TWSxuNZ37Xy49ps13NUovb66QLprthtwi4=
2+
cel.dev/expr v0.25.1/go.mod h1:hrXvqGP6G6gyx8UAHSHJ5RGk//1Oj5nXQ2NI02Nrsg4=
33
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
44
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
55
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
@@ -1262,8 +1262,8 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji
12621262
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
12631263
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
12641264
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
1265-
google.golang.org/grpc v1.78.0 h1:K1XZG/yGDJnzMdd/uZHAkVqJE+xIDOcmdSFZkBUicNc=
1266-
google.golang.org/grpc v1.78.0/go.mod h1:I47qjTo4OKbMkjA/aOOwxDIiPSBofUtQUI5EfpWvW7U=
1265+
google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
1266+
google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
12671267
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
12681268
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
12691269
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=

features/__snapshots__/ta_task_validate_image.snap

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -114,8 +114,8 @@
114114
"sources": [
115115
{
116116
"policy": [
117-
"git::github.com/conforma/policy//policy/release?ref=d34eab36b23d43748e451004177ca144296bf323",
118-
"git::github.com/conforma/policy//policy/lib?ref=d34eab36b23d43748e451004177ca144296bf323"
117+
"git::github.com/conforma/policy//policy/release?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a",
118+
"git::github.com/conforma/policy//policy/lib?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a"
119119
],
120120
"config": {
121121
"include": [
@@ -144,8 +144,8 @@
144144
"sources": [
145145
{
146146
"policy": [
147-
"git::github.com/conforma/policy//policy/release?ref=d34eab36b23d43748e451004177ca144296bf323",
148-
"git::github.com/conforma/policy//policy/lib?ref=d34eab36b23d43748e451004177ca144296bf323"
147+
"git::github.com/conforma/policy//policy/release?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a",
148+
"git::github.com/conforma/policy//policy/lib?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a"
149149
],
150150
"config": {
151151
"include": [

features/__snapshots__/task_validate_image.snap

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -39,8 +39,8 @@ Error: Get "http://tuf.invalid/root.json": dial tcp: lookup tuf.invalid on 10.96
3939
"sources": [
4040
{
4141
"policy": [
42-
"git::github.com/conforma/policy//policy/release?ref=0de5461c14413484575e63e96ddb514d8ab954b5",
43-
"git::github.com/conforma/policy//policy/lib?ref=0de5461c14413484575e63e96ddb514d8ab954b5"
42+
"git::github.com/conforma/policy//policy/release?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a",
43+
"git::github.com/conforma/policy//policy/lib?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a"
4444
],
4545
"config": {
4646
"include": [
@@ -287,8 +287,8 @@ true
287287
"sources": [
288288
{
289289
"policy": [
290-
"git::github.com/conforma/policy//policy/release?ref=0de5461c14413484575e63e96ddb514d8ab954b5",
291-
"git::github.com/conforma/policy//policy/lib?ref=0de5461c14413484575e63e96ddb514d8ab954b5"
290+
"git::github.com/conforma/policy//policy/release?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a",
291+
"git::github.com/conforma/policy//policy/lib?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a"
292292
],
293293
"config": {
294294
"include": [
@@ -431,8 +431,8 @@ true
431431
"sources": [
432432
{
433433
"policy": [
434-
"git::github.com/conforma/policy//policy/release?ref=0de5461c14413484575e63e96ddb514d8ab954b5",
435-
"git::github.com/conforma/policy//policy/lib?ref=0de5461c14413484575e63e96ddb514d8ab954b5"
434+
"git::github.com/conforma/policy//policy/release?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a",
435+
"git::github.com/conforma/policy//policy/lib?ref=b1f08f104e7678a8f40ed792e40c0799c1198e7a"
436436
],
437437
"config": {
438438
"include": [

features/ta_task_validate_image.feature

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,8 +25,8 @@ Feature: Verify Conforma Trusted Artifact Tekton Task
2525
"sources": [
2626
{
2727
"policy": [
28-
"git::github.com/conforma/policy//policy/release?ref=d34eab36b23d43748e451004177ca144296bf323",
29-
"git::github.com/conforma/policy//policy/lib?ref=d34eab36b23d43748e451004177ca144296bf323"
28+
"git::github.com/conforma/policy//policy/release?ref=release-v0.8",
29+
"git::github.com/conforma/policy//policy/lib?ref=release-v0.8"
3030
],
3131
"config": {
3232
"include": [
@@ -65,7 +65,7 @@ Feature: Verify Conforma Trusted Artifact Tekton Task
6565
When version 0.1 of the task named "verify-conforma-konflux-ta" is run with parameters:
6666
| SNAPSHOT_FILENAME | snapshotartifact |
6767
| SOURCE_DATA_ARTIFACT | oci:${REGISTRY}/acceptance/snapshotartifact@${BUILD_SNAPSHOT_DIGEST} |
68-
| POLICY_CONFIGURATION | {"publicKey":"-----BEGIN PUBLIC KEY-----\\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERhr8Zj4dZW67zucg8fDr11M4lmRp\\nzN6SIcIjkvH39siYg1DkCoa2h2xMUZ10ecbM3/ECqvBV55YwQ2rcIEa7XQ==\\n-----END PUBLIC KEY-----","sources":[{"policy":["git::github.com/conforma/policy//policy/release?ref=d34eab36b23d43748e451004177ca144296bf323","git::github.com/conforma/policy//policy/lib?ref=d34eab36b23d43748e451004177ca144296bf323"],"config":{"include":["slsa_provenance_available"]}}]} |
68+
| POLICY_CONFIGURATION | {"publicKey":"-----BEGIN PUBLIC KEY-----\\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERhr8Zj4dZW67zucg8fDr11M4lmRp\\nzN6SIcIjkvH39siYg1DkCoa2h2xMUZ10ecbM3/ECqvBV55YwQ2rcIEa7XQ==\\n-----END PUBLIC KEY-----","sources":[{"policy":["git::github.com/conforma/policy//policy/release?ref=release-v0.8","git::github.com/conforma/policy//policy/lib?ref=release-v0.8"],"config":{"include":["slsa_provenance_available"]}}]} |
6969
| STRICT | true |
7070
| IGNORE_REKOR | true |
7171
| ENABLE_VSA | true |
@@ -90,7 +90,7 @@ Feature: Verify Conforma Trusted Artifact Tekton Task
9090
When version 0.1 of the task named "verify-conforma-konflux-ta" is run with parameters:
9191
| SNAPSHOT_FILENAME | snapshotartifact |
9292
| SOURCE_DATA_ARTIFACT | oci:${REGISTRY}/acceptance/snapshotartifact@${BUILD_SNAPSHOT_DIGEST} |
93-
| POLICY_CONFIGURATION | {"publicKey":"-----BEGIN PUBLIC KEY-----\\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERhr8Zj4dZW67zucg8fDr11M4lmRp\\nzN6SIcIjkvH39siYg1DkCoa2h2xMUZ10ecbM3/ECqvBV55YwQ2rcIEa7XQ==\\n-----END PUBLIC KEY-----","sources":[{"policy":["git::github.com/conforma/policy//policy/release?ref=d34eab36b23d43748e451004177ca144296bf323","git::github.com/conforma/policy//policy/lib?ref=d34eab36b23d43748e451004177ca144296bf323"],"config":{"include":["slsa_provenance_available"]}}]} |
93+
| POLICY_CONFIGURATION | {"publicKey":"-----BEGIN PUBLIC KEY-----\\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERhr8Zj4dZW67zucg8fDr11M4lmRp\\nzN6SIcIjkvH39siYg1DkCoa2h2xMUZ10ecbM3/ECqvBV55YwQ2rcIEa7XQ==\\n-----END PUBLIC KEY-----","sources":[{"policy":["git::github.com/conforma/policy//policy/release?ref=release-v0.8","git::github.com/conforma/policy//policy/lib?ref=release-v0.8"],"config":{"include":["slsa_provenance_available"]}}]} |
9494
| STRICT | true |
9595
| IGNORE_REKOR | true |
9696
| TRUSTED_ARTIFACTS_DEBUG | "true" |

features/task_validate_image.feature

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
1616
"sources": [
1717
{
1818
"policy": [
19-
"github.com/conforma/policy//policy/release?ref=0de5461c14413484575e63e96ddb514d8ab954b5",
20-
"github.com/conforma/policy//policy/lib?ref=0de5461c14413484575e63e96ddb514d8ab954b5"
19+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
20+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
2121
],
2222
"config": {
2323
"include": [
@@ -47,8 +47,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
4747
"sources": [
4848
{
4949
"policy": [
50-
"github.com/conforma/policy//policy/release",
51-
"github.com/conforma/policy//policy/lib"
50+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
51+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
5252
],
5353
"config": {
5454
"include": [
@@ -78,8 +78,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
7878
"sources": [
7979
{
8080
"policy": [
81-
"github.com/conforma/policy//policy/release",
82-
"github.com/conforma/policy//policy/lib"
81+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
82+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
8383
],
8484
"config": {
8585
"include": [
@@ -110,8 +110,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
110110
"sources": [
111111
{
112112
"policy": [
113-
"github.com/conforma/policy//policy/release",
114-
"github.com/conforma/policy//policy/lib"
113+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
114+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
115115
],
116116
"config": {
117117
"include": [
@@ -147,8 +147,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
147147
"sources": [
148148
{
149149
"policy": [
150-
"github.com/conforma/policy//policy/release",
151-
"github.com/conforma/policy//policy/lib"
150+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
151+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
152152
],
153153
"config": {
154154
"include": [
@@ -182,8 +182,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
182182
"sources": [
183183
{
184184
"policy": [
185-
"github.com/conforma/policy//policy/release",
186-
"github.com/conforma/policy//policy/lib"
185+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
186+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
187187
],
188188
"config": {
189189
"include": [
@@ -356,8 +356,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
356356
"sources": [
357357
{
358358
"policy": [
359-
"github.com/conforma/policy//policy/release?ref=0de5461c14413484575e63e96ddb514d8ab954b5",
360-
"github.com/conforma/policy//policy/lib?ref=0de5461c14413484575e63e96ddb514d8ab954b5"
359+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
360+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
361361
],
362362
"config": {
363363
"include": [
@@ -389,8 +389,8 @@ Feature: Verify Enterprise Contract Tekton Tasks
389389
"sources": [
390390
{
391391
"policy": [
392-
"github.com/conforma/policy//policy/release?ref=0de5461c14413484575e63e96ddb514d8ab954b5",
393-
"github.com/conforma/policy//policy/lib?ref=0de5461c14413484575e63e96ddb514d8ab954b5"
392+
"github.com/conforma/policy//policy/release?ref=release-v0.8",
393+
"github.com/conforma/policy//policy/lib?ref=release-v0.8"
394394
],
395395
"config": {
396396
"include": [

go.mod

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -159,7 +159,7 @@ require (
159159
github.com/clipperhouse/stringish v0.1.1 // indirect
160160
github.com/clipperhouse/uax29/v2 v2.3.0 // indirect
161161
github.com/cloudflare/circl v1.6.1 // indirect
162-
github.com/cncf/xds/go v0.0.0-20251022180443-0feb69152e9f // indirect
162+
github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5 // indirect
163163
github.com/cockroachdb/apd/v3 v3.2.1 // indirect
164164
github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect
165165
github.com/containerd/containerd/v2 v2.2.0 // indirect
@@ -191,8 +191,8 @@ require (
191191
github.com/emicklei/go-restful/v3 v3.13.0 // indirect
192192
github.com/emicklei/proto v1.14.2 // indirect
193193
github.com/emirpasic/gods v1.18.1 // indirect
194-
github.com/envoyproxy/go-control-plane/envoy v1.35.0 // indirect
195-
github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
194+
github.com/envoyproxy/go-control-plane/envoy v1.36.0 // indirect
195+
github.com/envoyproxy/protoc-gen-validate v1.3.0 // indirect
196196
github.com/evanphx/json-patch/v5 v5.9.0 // indirect
197197
github.com/fatih/color v1.18.0 // indirect
198198
github.com/felixge/httpsnoop v1.0.4 // indirect
@@ -381,7 +381,7 @@ require (
381381
go.mongodb.org/mongo-driver v1.17.6 // indirect
382382
go.opencensus.io v0.24.0 // indirect
383383
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
384-
go.opentelemetry.io/contrib/detectors/gcp v1.38.0 // indirect
384+
go.opentelemetry.io/contrib/detectors/gcp v1.39.0 // indirect
385385
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0 // indirect
386386
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 // indirect
387387
go.opentelemetry.io/otel v1.42.0 // indirect
@@ -410,7 +410,7 @@ require (
410410
google.golang.org/genproto v0.0.0-20251202230838-ff82c1b0f217 // indirect
411411
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 // indirect
412412
google.golang.org/genproto/googleapis/rpc v0.0.0-20260203192932-546029d2fa20 // indirect
413-
google.golang.org/grpc v1.78.0 // indirect
413+
google.golang.org/grpc v1.79.3 // indirect
414414
google.golang.org/protobuf v1.36.11 // indirect
415415
gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
416416
gopkg.in/inf.v0 v0.9.1 // indirect

0 commit comments

Comments
 (0)