From 5e083c1661898ae76ad299010324cf3c0948e31b Mon Sep 17 00:00:00 2001
From: "Benguria Elguezabal, Gorka" <gorka.benguria@tecnalia.com>
Date: Sun, 12 May 2024 14:13:06 +0200
Subject: [PATCH] enables configuration of tbc-check image

---
 .gitlab-ci.yml                 |  1 +
 README.md                      |  6 +++---
 kicker.json                    | 30 +++++++++++++++++++-----------
 templates/gitlab-ci-docker.yml |  8 ++++++++
 4 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5c2f0b0..22df57b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -6,6 +6,7 @@ include:
     inputs:
       check-links-job-tags: ["docker"]
       tbc-check-job-tags: ["docker"]
+      tbc-check-image: registry.gitlab.com/gbenguria/tbc-check:main
   - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kicker/validation@master
     inputs:
       kicker-validation-job-tags: ["docker"]
diff --git a/README.md b/README.md
index 061530c..1740c66 100644
--- a/README.md
+++ b/README.md
@@ -410,7 +410,7 @@ It is bound to the `package-test` stage, and uses the following variables:
 | `trivy-args` / `DOCKER_TRIVY_ARGS` | Additional [`trivy client` arguments](https://aquasecurity.github.io/trivy/v0.27.1/docs/references/cli/client/)  | `--ignore-unfixed --vuln-type os` |
 | `trivy-db-repository` / `DOCKER_TRIVY_DB_REPOSITORY` | OCI repository to retrieve Trivy Database from | _none_ (use Trivy default `ghcr.io/aquasecurity/trivy-db`) |
 | `trivy-java-db-repository` / `DOCKER_TRIVY_JAVA_DB_REPOSITORY` | OCI repository to retrieve Trivy Java Database from | _none_ (use Trivy default `ghcr.io/aquasecurity/trivy-java-db:1`)_ |
-| `docker-trivy-job-tags` / `DOCKER_TRIVY_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
+| `docker-trivy-job-tags` / `DOCKER_DOCKER_TRIVY_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 In addition to a textual report in the console, this job produces the following reports, kept for one day:
 
@@ -430,7 +430,7 @@ It is bound to the `package-test` stage, and uses the following variables:
 | `sbom-disabled` / `DOCKER_SBOM_DISABLED` | Set to `true` to disable this job | _none_ |
 | `sbom-image` / `DOCKER_SBOM_IMAGE` | The docker image used to emit SBOM | `registry.hub.docker.com/anchore/syft:debug` |
 | `sbom-opts` / `DOCKER_SBOM_OPTS` | Options for syft used for SBOM analysis | `--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger` |
-| `docker-sbom-job-tags` / `DOCKER_SBOM_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
+| `docker-sbom-job-tags` / `DOCKER_DOCKER_SBOM_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 ### `docker-publish` job
 
@@ -444,7 +444,7 @@ This job pushes (_promotes_) the built image as the _release_ image [skopeo](htt
 | `release-extra-tags-pattern` / `DOCKER_RELEASE_EXTRA_TAGS_PATTERN` | Defines the image tag pattern that `$DOCKER_RELEASE_IMAGE` should match to push extra tags (supports capturing groups - [see below](#using-extra-tags)) | `^v?(?P<major>[0-9]+)\\.(?P<minor>[0-9]+)\\.(?P<patch>[0-9]+)(?P<suffix>(?P<prerelease>-[0-9A-Za-z-\\.]+)?(?P<build>\\+[0-9A-Za-z-\\.]+)?)$` _(SemVer pattern)_ |
 | `release-extra-tags` / `DOCKER_RELEASE_EXTRA_TAGS` | Defines extra tags to publish the _release_ image (supports capturing group references from `$DOCKER_RELEASE_EXTRA_TAGS_PATTERN` - [see below](#using-extra-tags))       | _(none)_          |
 | `semrel-release-disabled` / `DOCKER_SEMREL_RELEASE_DISABLED` | Set to `true` to disable [semantic-release integration](#semantic-release-integration)   | _none_ (enabled) |
-| `docker-publish-job-tags` / `DOCKER_PUBLISH_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
+| `docker-publish-job-tags` / `DOCKER_DOCKER_PUBLISH_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 This job produces _output variables_ that are propagated to downstream jobs (using [dotenv artifacts](https://docs.gitlab.com/ee/ci/pipelines/job_artifacts.html#artifactsreportsdotenv)):
 
diff --git a/kicker.json b/kicker.json
index f00989e..3893cd8 100644
--- a/kicker.json
+++ b/kicker.json
@@ -124,25 +124,29 @@
     {
       "name": "DOCKER_KANIKO_BUILD_JOB_TAGS",
       "description": "Tags to be used for selecting runners for the job",
-      "default": "[]",
+      "type": "array",
+      "default": [],
       "advanced": true
     },
     {
       "name": "DOCKER_DIND_BUILD_JOB_TAGS",
       "description": "Tags to be used for selecting runners for the job",
-      "default": "[]",
+      "type": "array",
+      "default": [],
       "advanced": true
     },
     {
       "name": "DOCKER_BUILDAH_BUILD_JOB_TAGS",
       "description": "Tags to be used for selecting runners for the job",
-      "default": "[]",
+      "type": "array",
+      "default": [],
       "advanced": true
     },
     {
-      "name": "DOCKER_PUBLISH_JOB_TAGS",
+      "name": "DOCKER_DOCKER_PUBLISH_JOB_TAGS",
       "description": "Tags to be used for selecting runners for the job",
-      "default": "[]",
+      "type": "array",
+      "default": [],
       "advanced": true
     }
   ],
@@ -166,7 +170,8 @@
         {
           "name": "DOCKER_HADOLINT_JOB_TAGS",
           "description": "Tags to be used for selecting runners for the job",
-          "default": "[]",
+          "type": "array",
+          "default": [],
           "advanced": true
         }
       ]
@@ -197,7 +202,8 @@
         {
           "name": "DOCKER_HEALTHCHECK_JOB_TAGS",
           "description": "Tags to be used for selecting runners for the job",
-          "default": "[]",
+          "type": "array",
+          "default": [],
           "advanced": true
         }
       ]
@@ -243,9 +249,10 @@
           "advanced": true
         },
         {
-          "name": "DOCKER_TRIVY_JOB_TAGS",
+          "name": "DOCKER_DOCKER_TRIVY_JOB_TAGS",
           "description": "Tags to be used for selecting runners for the job",
-          "default": "[]",
+          "type": "array",
+          "default": [],
           "advanced": true
         }
       ]
@@ -267,9 +274,10 @@
           "advanced": true
         },
         {
-          "name": "DOCKER_SBOM_JOB_TAGS",
+          "name": "DOCKER_DOCKER_SBOM_JOB_TAGS",
           "description": "Tags to be used for selecting runners for the job",
-          "default": "[]",
+          "type": "array",
+          "default": [],
           "advanced": true
         }
       ]
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index 4b154ee..1adc422 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -326,6 +326,14 @@ variables:
   DOCKER_TRIVY_DISABLED: $[[ inputs.trivy-disabled ]]
   DOCKER_TRIVY_ADDR: $[[ inputs.trivy-addr ]]
   DOCKER_SBOM_DISABLED: $[[ inputs.sbom-disabled ]]
+  DOCKER_HADOLINT_JOB_TAGS: $[[ inputs.hadolint-job-tags ]]
+  DOCKER_KANIKO_BUILD_JOB_TAGS: $[[ inputs.kaniko-build-job-tags ]]
+  DOCKER_DIND_BUILD_JOB_TAGS: $[[ inputs.dind-build-job-tags ]]
+  DOCKER_BUILDAH_BUILD_JOB_TAGS: $[[ inputs.buildah-build-job-tags ]]
+  DOCKER_HEALTHCHECK_JOB_TAGS: $[[ inputs.healthcheck-job-tags ]]
+  DOCKER_DOCKER_TRIVY_JOB_TAGS: $[[ inputs.docker-trivy-job-tags ]]
+  DOCKER_DOCKER_SBOM_JOB_TAGS: $[[ inputs.docker-sbom-job-tags ]]
+  DOCKER_DOCKER_PUBLISH_JOB_TAGS: $[[ inputs.docker-publish-job-tags ]]
 
 # ==================================================
 # Stages definition
-- 
GitLab