  1. OpenShift Windows Containers
  2. WINC-1380

Update Konflux with Shell and Unicode SAST scanners

    • Task
    • Resolution: Done
    • Critical

      Description of problem:

      As previously announced, two new SAST checks will become required tasks for most Konflux build pipelines on April 1st. On that date, pipelines without these tasks will start producing Conforma/Enterprise Contract violations. There are two recommended methods to get those tasks added to your pipeline before the deadline.
      
      
      Option 1: Use the konflux-pipeline-patcher script and create your own PR

      There is a “one-liner” bash command that can be used to patch the two pipeline definition yaml files in the .tekton directory in the git repo of your Konflux component. If you run that (in the applicable branch) in your git repo and create a PR, you should be all set.
      
      Note that it now automatically detects whether or not to use the trusted artifacts "-oci-ta" tasks.
      
      Option 2: Request that a scripted PR be created for you (GitHub only)
      
      The script here uses konflux-pipeline-patcher and then generates a PR. If you email me and tell me the git repo and branch, I’ll run that script and generate a PR similar to this one.

      https://groups.google.com/a/redhat.com/g/konflux-announce/c/DY1cK8EKuOg

              wgahnagl Skyler Clark