feat: Enable policy docs link in Tekton tasks

[dheerajodha]

Depends on #3173

Add --show-policy-docs-link=true to all Tekton validation tasks for prod envs.

Changes:

• verify-enterprise-contract
• verify-conforma-konflux-ta
• verify-conforma-konflux-vsa-ta"

[coderabbitai]

📝 Walkthrough

Walkthrough

Three Tekton task YAML files are updated to add the --show-policy-docs-link=true CLI flag to Conforma validation command invocations, enabling policy documentation links to be displayed during validation checks without altering control flow or other command arguments.

Changes

Cohort / File(s)	Summary
Conforma Validation Tasks tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml, tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml, tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml	Added --show-policy-docs-link=true CLI flag to Conforma ec validate command invocations across validate steps in three Tekton tasks. No changes to control flow, error handling, or other existing arguments.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the main change: enabling policy docs links in Tekton tasks, which directly aligns with the changeset modifications.
Description check	✅ Passed	The description directly relates to the changeset, listing the specific tasks modified and the flag added, along with the rationale for the change.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[simonbaird]

The patch looks okay, but I think there's some messed up snapshot files.

Maybe start by putting them all back to how they were, then run export UPDATE_SNAPS=true ; make acceptance?

[simonbaird]

Nitpick: Commit messages sound a little AI-sloppy, especially the part where it says "Your colleague nailed it: " 😁

[dheerajodha]

The patch looks okay, but I think there's some messed up snapshot files.

Yes, those came from the commits related to PR for another ticket (EC-1603), and it contained those messy snapshot files (now fixed there). So, I decided to just rebase this branch on top of main branch and merge it once the other PR is merged first.

Nitpick: Commit messages sound a little AI-sloppy, especially the part where it says "Your colleague nailed it: " 😁

Woooops 😁 secret's out, my bot and I talk about you. But fr, sorry about that, I need to be more careful with commit messages. I've updated those commits at the source (#3173)

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml`:
- Line 393: The YAML adds the unsupported flag --show-policy-docs-link causing
unknown-flag failures; update the code that builds/assembles validate command
args (see cmd/validate/image.go and the function that constructs format/options
args) to check whether the CLI actually supports the flag before appending it:
use the command's FlagSet lookup (e.g.,
cmd.Flags().Lookup("show-policy-docs-link") or similar) or a dedicated
capability check and only append "--show-policy-docs-link=true" when the lookup
returns non-nil/true, otherwise skip adding it so the task remains compatible
with older CLI builds.

In
`@tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml`:
- Line 283: The task YAML includes an unsupported CLI flag
"--show-policy-docs-link=true" passed to the validate commands; remove both
occurrences of that flag from the argument lists for the validate vsa and
validate image commands (the entries invoking the validate vsa and validate
image commands in this task) so the commands only use registered flags; ensure
you delete the exact string "--show-policy-docs-link=true" from both places to
avoid unknown flag runtime errors.

In `@tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml`:
- Line 338: Add a compatibility guard around appending the CLI flag
--show-policy-docs-link to the ec validate image invocation: detect whether the
installed CLI supports that flag (e.g., run ec validate --help or parse
output/version) before adding "--show-policy-docs-link=true" and only append it
when supported; update the logic used where the flag is currently hardcoded (the
place adding "--show-policy-docs-link=true" in the task template) and apply the
same conditional pattern to the other occurrences of "--show-policy-docs-link"
in the verify-conforma-konflux-vsa-ta and verify-conforma-konflux-ta task
templates so the flag is never passed to CLI versions that don't support it.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0eb50443-2c8b-422f-8da2-41f21ebb9fd1

📥 Commits

Reviewing files that changed from the base of the PR and between bf7cd76 and 1a717bb.

📒 Files selected for processing (3)

• tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml
• tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml
• tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

rg -n --fixed-strings 'show-policy-docs-link' \
  tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml \
  cmd/validate

Repository: conforma/cli

Length of output: 167

---

🏁 Script executed:

# Search for the flag definition anywhere in the codebase
rg -n 'show-policy-docs-link' --type-list | head -20
rg -n 'show-policy-docs-link' -t go

Repository: conforma/cli

Length of output: 445

---

🏁 Script executed:

# Examine the validate image command structure
find . -name "image.go" -path "*/validate/*" -exec wc -l {} \;

Repository: conforma/cli

Length of output: 83

---

🏁 Script executed:

# Look for flag definitions in validate command
fd -e go . cmd/validate | head -20

Repository: conforma/cli

Length of output: 341

---

🏁 Script executed:

# Search for show-policy-docs-link in Go files
rg -t go 'show-policy-docs-link' .

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Examine image.go structure to find flag definitions
head -100 cmd/validate/image.go

Repository: conforma/cli

Length of output: 3574

---

🏁 Script executed:

# Look for flag registration patterns (common in cobra CLI)
rg -t go 'AddFlag|Flag\(' cmd/validate/image.go | head -30

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Search for flag registration in image.go more thoroughly
cat -n cmd/validate/image.go | grep -A2 -B2 'Flags\|Flag\|AddCommand' | head -80

Repository: conforma/cli

Length of output: 4332

---

🏁 Script executed:

# Look for all flag definitions (using Flags() method typical in cobra)
rg -t go 'cmd\.Flags\(\)' cmd/validate/image.go -A 3 | head -100

Repository: conforma/cli

Length of output: 6227

---

🏁 Script executed:

# Search for where flags are bound to struct fields
rg -t go 'BindFlags|MarkFlagRequired' cmd/validate/image.go -B 2 -A 2

Repository: conforma/cli

Length of output: 206

---

🏁 Script executed:

# Search for show-policy-docs-link and show-successes flags in the entire file
rg -t go 'show-successes|show-policy-docs-link' cmd/validate/image.go -B 2 -A 2

Repository: conforma/cli

Length of output: 425

---

🏁 Script executed:

# Look at the full flag definitions section around show-successes
sed -n '550,650p' cmd/validate/image.go

Repository: conforma/cli

Length of output: 4737

---

🏁 Script executed:

# Search the entire image.go for where show-successes flag is registered
rg -t go 'show-successes' cmd/validate/image.go -B 5 -A 5

Repository: conforma/cli

Length of output: 1141

---

🏁 Script executed:

# Look for all BoolVar registrations in image.go to see the pattern
rg -t go 'BoolVar' cmd/validate/image.go

Repository: conforma/cli

Length of output: 616

---

🏁 Script executed:

# Check if show-successes and show-warnings are defined elsewhere, maybe in output package
rg -t go 'show-successes|show-warnings' . --max-count 20

Repository: conforma/cli

Length of output: 5339

---

🏁 Script executed:

# Look more carefully - show-successes might be an output format option, not a flag
rg -t go 'show-successes\|show-warnings' cmd/validate/image.go -B 10

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Check if these are query parameters for output, not CLI flags
sed -n '330,350p' cmd/validate/image.go

Repository: conforma/cli

Length of output: 840

---

🏁 Script executed:

# Check validate.go to see where show-successes and show-warnings are registered
cat -n cmd/validate/validate.go | grep -A 5 -B 5 'show-successes\|show-warnings'

Repository: conforma/cli

Length of output: 423

---

🏁 Script executed:

# Now search for show-policy-docs-link anywhere in the entire codebase
rg 'show-policy-docs-link' --type-list 2>/dev/null | head -1 || rg 'policy-docs-link' .

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Check git history to see if this flag was recently added
git log --oneline -n 20 -- cmd/validate/image.go 2>/dev/null | head -10

Repository: conforma/cli

Length of output: 110

---

🏁 Script executed:

# Check the recent commit that mentions policy docs link
git show 1a717bb8 --stat 2>/dev/null | head -30

Repository: conforma/cli

Length of output: 1503

---

🏁 Script executed:

# Look for policy docs link in the output formatting code
rg -t go 'policy.*doc\|docs.*link' internal/ --max-count 20

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Search in internal/format and internal/output for this option
rg -t go 'PolicyDocs\|policyDocs\|policy-docs' . --max-count 20

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Get the full diff of the commit
git show 1a717bb8 --no-stat 2>/dev/null | head -200

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Check if show-policy-docs-link flag is defined as a registered flag in image.go or elsewhere
rg -t go 'show-policy-docs-link' cmd/validate/

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Check internal/format/target.go for output options handling
rg -t go 'show-' internal/format/target.go -B 3 -A 3

Repository: conforma/cli

Length of output: 343

---

🏁 Script executed:

# Check the exact output of git show to see what was added
git show 1a717bb8 -- tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml 2>/dev/null | grep -A 5 -B 5 'show-policy-docs-link' | head -30

Repository: conforma/cli

Length of output: 905

---

🏁 Script executed:

# Check if there's a flag definition anywhere with this name by searching all Go files
fd -e go . | xargs grep -l 'show-policy-docs-link' 2>/dev/null

Repository: conforma/cli

Length of output: 40

---

🏁 Script executed:

# Let's check the Options struct in format package to see what options are supported
cat -n internal/format/target.go | grep -A 30 'type Options'

Repository: conforma/cli

Length of output: 884

---

🏁 Script executed:

# Final verification: check if flag is registered anywhere in Go code with a broader search
rg -t go 'show.policy.*docs|policy.*docs.*link' .

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Confirm there is truly no flag registration or handling for show-policy-docs-link
rg -t go '"show-policy-docs-link"' cmd/

Repository: conforma/cli

Length of output: 38

---

Guard this flag by CLI capability to avoid unknown flag failures

Line 393 uses a flag that is not implemented in the CLI. The --show-policy-docs-link flag was added to the task file but is not registered in cmd/validate/image.go or handled in the format options. Conditionally append it only when supported.

Compatibility-safe patch

         cmd_args+=(
           --rekor-url="${REKOR_HOST}"
           --workers="${WORKERS}"
           --info="${INFO}"
           --timeout=0
           --strict=false
           --show-successes=true
-          --show-policy-docs-link=true
           --effective-time="${EFFECTIVE_TIME}"
           --extra-rule-data="${EXTRA_RULE_DATA}"
           --retry-max-wait="${RETRY_MAX_WAIT}"
           --retry-max-retry="${RETRY_MAX_RETRY}"
           --retry-duration="${RETRY_DURATION}"
           --retry-factor="${RETRY_FACTOR}"
           --retry-jitter="${RETRY_JITTER}"
           --output="text=${HOMEDIR}/text-report.txt?show-successes=false"
           --output="json=${HOMEDIR}/report-json.json"
           --output="appstudio=$(results.TEST_OUTPUT.path)"
         )
+
+        if ec validate image --help 2>&1 | grep -q -- '--show-policy-docs-link'; then
+          cmd_args+=(--show-policy-docs-link=true)
+        fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml` at line
393, The YAML adds the unsupported flag --show-policy-docs-link causing
unknown-flag failures; update the code that builds/assembles validate command
args (see cmd/validate/image.go and the function that constructs format/options
args) to check whether the CLI actually supports the flag before appending it:
use the command's FlagSet lookup (e.g.,
cmd.Flags().Lookup("show-policy-docs-link") or similar) or a dedicated
capability check and only append "--show-policy-docs-link=true" when the lookup
returns non-nil/true, otherwise skip adding it so the task remains compatible
with older CLI builds.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Task usage:"
rg -n --fixed-strings 'show-policy-docs-link' \
  tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml

echo
echo "CLI flag registrations (validate commands):"
rg -n --fixed-strings 'show-policy-docs-link' cmd/validate || true

echo
echo "Validate image flags file context:"
sed -n '470,620p' cmd/validate/image.go | rg -n --fixed-strings 'show-policy-docs-link' || true

Repository: conforma/cli

Length of output: 238

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== Context around YAML line 283 and 340 ==="
sed -n '275,290p' tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml | cat -n
echo
sed -n '332,347p' tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml | cat -n

echo
echo "=== Full validate command file structure ==="
find cmd/validate -type f -name "*.go" | sort

echo
echo "=== Check for flag registration patterns in all validate files ==="
rg -n "show.policy|PolicyDocs|policy.*docs" cmd/validate || echo "No matches found"

echo
echo "=== Search for flag registration in full image.go file ==="
wc -l cmd/validate/image.go
rg -n "show-policy" cmd/validate/image.go || echo "Not found in image.go"

echo
echo "=== Check if validate vsa exists ==="
find cmd/validate -name "*vsa*" -o -name "*vsa*.go"

Repository: conforma/cli

Length of output: 2254

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== vsa.go flag registration section ==="
# Look for where flags are registered (typically Flags() section or cmd.Flags().X patterns)
rg -A 20 "func.*Cmd\(\)|PersistentFlags\(\)|Flags\(\)" cmd/validate/vsa.go | head -80

echo
echo "=== image.go flag registration section ==="
rg -A 20 "func.*Cmd\(\)|PersistentFlags\(\)|Flags\(\)" cmd/validate/image.go | head -80

echo
echo "=== Check if flag appears in any other files in repo ==="
rg -l "show-policy-docs-link" --type go --type yaml . 2>/dev/null || echo "Only in YAML task file"

Repository: conforma/cli

Length of output: 8602

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== Searching for show-successes in image.go to find where output flags are ==="
rg -n "show-successes" cmd/validate/image.go

echo
echo "=== Searching for all flag definitions containing 'show' in image.go ==="
rg -n 'cmd.Flags.*"show' cmd/validate/image.go

echo
echo "=== Full validation: search entire codebase for --show-policy-docs-link registration ==="
rg -n "show.policy.docs.link|show-policy-docs-link" cmd/ || echo "Not found in cmd/"

Repository: conforma/cli

Length of output: 590

---

--show-policy-docs-link flag is not registered in either validate image or validate vsa commands

Lines 283 and 340 use this flag, but a comprehensive search of cmd/validate/ confirms it is not defined in either image.go or vsa.go. Both commands will fail with "unknown flag" error at runtime, blocking task execution.

Remove both occurrences until CLI support is available:

Remove unsupported flags

-        - "--show-policy-docs-link=true"

Apply to both line 283 (validate vsa) and line 340 (validate image).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

- "--show-policy-docs-link=true"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml`
at line 283, The task YAML includes an unsupported CLI flag
"--show-policy-docs-link=true" passed to the validate commands; remove both
occurrences of that flag from the argument lists for the validate vsa and
validate image commands (the entries invoking the validate vsa and validate
image commands in this task) so the commands only use registered flags; ensure
you delete the exact string "--show-policy-docs-link=true" from both places to
avoid unknown flag runtime errors.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

rg -n --fixed-strings 'show-policy-docs-link' \
  tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml \
  cmd/validate

Repository: conforma/cli

Length of output: 167

---

🏁 Script executed:

# First, let's check if cmd/validate/image.go exists and examine its content
find . -path "*/cmd/validate*" -type f -name "*.go" | head -20

Repository: conforma/cli

Length of output: 363

---

🏁 Script executed:

# Search for where show-policy-docs-link flag is actually defined in the codebase
rg -n 'show-policy-docs-link' --type go --type yaml --type txt

Repository: conforma/cli

Length of output: 523

---

🏁 Script executed:

# Check the cmd/validate directory structure
ls -la cmd/validate/ 2>/dev/null || echo "Directory not found or no permission"

Repository: conforma/cli

Length of output: 1023

---

🏁 Script executed:

# Look for flag definitions in validate command code
rg -n 'AddFlags\|Flag\|define.*flag' cmd/validate --type go | head -30

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Read image.go to examine what flags are actually defined
cat -n cmd/validate/image.go | head -100

Repository: conforma/cli

Length of output: 4274

---

🏁 Script executed:

# Search for flag definitions more broadly in image.go
rg -n 'Flag\|flag\|show-policy' cmd/validate/image.go -A 2 -B 2 | head -50

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Check if show-policy-docs-link appears anywhere in Go code
rg -n 'show-policy-docs-link' --type go

Repository: conforma/cli

Length of output: 38

---

🏁 Script executed:

# Search for flag registration patterns in image.go
rg -n 'MarkFlag|StringVar|BoolVar|Flag\(' cmd/validate/image.go | head -40

Repository: conforma/cli

Length of output: 2659

---

🏁 Script executed:

# Get a larger section of image.go to see flag registration
cat -n cmd/validate/image.go | grep -A 5 -B 5 'cmd.Flags\|cmd.PersistentFlags\|MarkFlag' | head -100

Repository: conforma/cli

Length of output: 5634

---

🏁 Script executed:

# Search for any version or comment mentioning when this flag might have been added
rg -n 'policy.*doc|show.*policy' cmd/validate/image.go

Repository: conforma/cli

Length of output: 38

---

Add compatibility guard for undefined CLI flag before enabling

Line 338 references --show-policy-docs-link, which is not defined in the ec validate image command. This will cause task failures on current CLI builds.

The flag must be conditionally added only when the CLI supports it. Wrap the flag addition in a compatibility check:

Compatibility-safe patch

         cmd_args+=(
           --rekor-url="${REKOR_HOST}"
           --workers="${WORKERS}"
           --info="${INFO}"
           --timeout=0
           --strict=false
           --show-successes=true
-          --show-policy-docs-link=true
           --effective-time="${EFFECTIVE_TIME}"
           --extra-rule-data="${EXTRA_RULE_DATA}"
           --retry-max-wait="${RETRY_MAX_WAIT}"
           --retry-max-retry="${RETRY_MAX_RETRY}"
           --retry-duration="${RETRY_DURATION}"
           --retry-factor="${RETRY_FACTOR}"
           --retry-jitter="${RETRY_JITTER}"
           --output="text=${HOMEDIR}/text-report.txt?show-successes=false"
           --output="json=${HOMEDIR}/report-json.json"
           --output="appstudio=$(results.TEST_OUTPUT.path)"
         )
+
+        if ec validate image --help 2>&1 | grep -q -- '--show-policy-docs-link'; then
+          cmd_args+=(--show-policy-docs-link=true)
+        fi

Note: This same undefined flag also appears in verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml (lines 283, 340) and verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml (line 393). Apply the same guard pattern to all three task files.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	--show-policy-docs-link=true
	if ec validate image --help 2>&1 | grep -q -- '--show-policy-docs-link'; then
	cmd_args+=(--show-policy-docs-link=true)
	fi

Suggested change

	--show-policy-docs-link=true
	cmd_args+=(
	--rekor-url="${REKOR_HOST}"
	--workers="${WORKERS}"
	--info="${INFO}"
	--timeout=0
	--strict=false
	--show-successes=true
	--effective-time="${EFFECTIVE_TIME}"
	--extra-rule-data="${EXTRA_RULE_DATA}"
	--retry-max-wait="${RETRY_MAX_WAIT}"
	--retry-max-retry="${RETRY_MAX_RETRY}"
	--retry-duration="${RETRY_DURATION}"
	--retry-factor="${RETRY_FACTOR}"
	--retry-jitter="${RETRY_JITTER}"
	--output="text=${HOMEDIR}/text-report.txt?show-successes=false"
	--output="json=${HOMEDIR}/report-json.json"
	--output="appstudio=$(results.TEST_OUTPUT.path)"
	)
	if ec validate image --help 2>&1 | grep -q -- '--show-policy-docs-link'; then
	cmd_args+=(--show-policy-docs-link=true)
	fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml` at line
338, Add a compatibility guard around appending the CLI flag
--show-policy-docs-link to the ec validate image invocation: detect whether the
installed CLI supports that flag (e.g., run ec validate --help or parse
output/version) before adding "--show-policy-docs-link=true" and only append it
when supported; update the logic used where the flag is currently hardcoded (the
place adding "--show-policy-docs-link=true" in the task template) and apply the
same conditional pattern to the other occurrences of "--show-policy-docs-link"
in the verify-conforma-konflux-vsa-ta and verify-conforma-konflux-ta task
templates so the flag is never passed to CLI versions that don't support it.