fix(RELEASE-1086): fix linting issues

- fix linting issues in rh-sign-image-cosign

Signed-off-by: Scott Hebert <[email protected]>

tasks/rh-sign-image-cosign/README.md

@@ -11,6 +11,9 @@ Tekton task to sign container images in snapshot by cosign.
 | signRegistryAccessPath | The relative path in the workspace to a text file that contains a list of repositories that needs registry.access.redhat.com image references to be signed (i.e. requires_terms=true), one repository string per line, e.g. "rhtas/cosign-rhel9". | No       | -             |
 | retries                | Retry cosign N times                                                                                                                                                                                                                              | Yes      | 3             |
 
+## Changes in 1.2.1
+* fix linting issues
+
 ## Changes in 1.2.0
 * Retry failed cosign
 

tasks/rh-sign-image-cosign/rh-sign-image-cosign.yaml

@@ -4,7 +4,7 @@ kind: Task
 metadata:
   name: rh-sign-image-cosign
   labels:
-    app.kubernetes.io/version: "1.2.0"
+    app.kubernetes.io/version: "1.2.1"
   annotations:
     tekton.dev/pipelines.minVersion: "0.12.1"
     tekton.dev/tags: release
@@ -77,15 +77,24 @@ spec:
         run_cosign () { # Expected arguments are [digest_reference, tag_reference]
             # Upload transparency log when rekor url is specified
             if [ -v REKOR_URL ]; then
-                COSIGN_COMMON_ARGS="-y --rekor-url=$REKOR_URL --key $SIGN_KEY"
+                COSIGN_COMMON_ARGS=(
+                  -y
+                  --rekor-url="$REKOR_URL"
+                  --key
+                  "$SIGN_KEY"
+                )
             else
-                COSIGN_COMMON_ARGS="--tlog-upload=false --key $SIGN_KEY"
+                COSIGN_COMMON_ARGS=(
+                  -tlog-upload=false
+                  --key
+                  "$SIGN_KEY"
+                )
             fi
             echo "Signing manifest $1 ($2)"
             attempt=0
             until [ "$attempt" -gt "$(params.retries)" ] ; do # 3 retries by default
                 cosign -t 3m0s sign\
-                ${COSIGN_COMMON_ARGS}\
+                "${COSIGN_COMMON_ARGS[@]}" \
                 --sign-container-identity "$2"\
                 "$1" && break
                 attempt=$((attempt+1))

tasks/rh-sign-image-cosign/tests/test-rh-sign-image-cosign-multiple-components.yaml

@@ -25,7 +25,7 @@ spec:
               _TEST_MANIFEST_LIST_OCI_REFERENCE="quay.io/redhat-pending/test-product----test-image0@sha256:0000"
               _TEST_REPO="quay.io/redhat-pending/test-product----test-image0"
 
-              cat > $(workspaces.data.path)/snapshot_spec.json << EOF
+              cat > "$(workspaces.data.path)/snapshot_spec.json" << EOF
               {
                 "application": "myapp",
                 "components": [

tasks/rh-sign-image-cosign/tests/test-rh-sign-image-cosign-retries.yaml

@@ -21,7 +21,7 @@ spec:
             script: |
               #!/usr/bin/env bash
               set -eux
-              cat > $(workspaces.data.path)/snapshot_spec.json << EOF
+              cat > "$(workspaces.data.path)/snapshot_spec.json" << EOF
               {
                 "application": "myapp",
                 "components": [

tasks/rh-sign-image-cosign/tests/test-rh-sign-image-cosign-single-component.yaml

@@ -21,7 +21,7 @@ spec:
             script: |
               #!/usr/bin/env bash
               set -eux
-              cat > $(workspaces.data.path)/snapshot_spec.json << EOF
+              cat > "$(workspaces.data.path)/snapshot_spec.json" << EOF
               {
                 "application": "myapp",
                 "components": [