Description of problem:

Take a look at your EC failures in your konflux pipelines.  Here are a couple:

✕ [Violation] hermetic_build_task.build_task_hermetic
  ImageRef: quay.io/redhat-user-workloads/crt-redhat-acm-tenant/multicluster-operators-subscription-acm-214@sha256:7b323302b0ef86231c990794db8bcecabcfc3729fd990eb986997cfe4ae0a960
  Reason: Build task was not invoked with the hermetic parameter set
  Title: Build task called with hermetic param set
  Description: Verify the build task in the PipelineRun attestation was invoked with the proper parameters to make the build
  process hermetic. To exclude this rule add "hermetic_build_task.build_task_hermetic" to the `exclude` section of the policy
  configuration.
  Solution: Make sure the task that builds the image has a parameter named 'HERMETIC' and it's set to 'true'.

✕ [Violation] labels.disallowed_inherited_labels
  ImageRef: quay.io/redhat-user-workloads/crt-redhat-acm-tenant/multicluster-operators-subscription-acm-214@sha256:7b323302b0ef86231c990794db8bcecabcfc3729fd990eb986997cfe4ae0a960
  Reason: The "com.redhat.component" label should not be inherited from the parent image
  Term: com.redhat.component
  Title: Disallowed inherited labels
  Description: Check that certain labels on the image have different values than the labels from the parent image. If the label is
  inherited from the parent image but not redefined for the image, it will contain an incorrect value for the image. Use the rule
  data `disallowed_inherited_labels` key to set the list of labels to check, or the `fbc_disallowed_inherited_labels` key for fbc
  images. To exclude this rule add "labels.disallowed_inherited_labels:com.redhat.component" to the `exclude` section of the
  policy configuration.
  Solution: Update the image build process to overwrite the inherited labels.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

1.  
2.  
3. ...

Actual results:

Expected results:

Additional info: