feat: Enable policy docs link in Tekton tasks

[dheerajodha]

Depends on #3173

Add --show-policy-docs-link=true to all Tekton validation tasks for prod envs.

Changes:

• verify-enterprise-contract
• verify-conforma-konflux-ta
• verify-conforma-konflux-vsa-ta"

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4c3dfd42-e49d-442f-8934-8325e754a276

📥 Commits

Reviewing files that changed from the base of the PR and between 1a717bb and de1b1a4.

📒 Files selected for processing (3)

• tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml
• tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml
• tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml

✅ Files skipped from review due to trivial changes (2)

• tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml
• tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml

🚧 Files skipped from review as they are similar to previous changes (1)

• tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml

---

📝 Walkthrough

Walkthrough

Three Tekton task YAML files were updated to add the --show-policy-docs-link=true flag to Conforma ec validate command invocations, enabling policy documentation links in validation output; no control flow, retry, or other argument changes were made. (45 words)

Changes

Cohort / File(s)	Summary
Conforma Validation Tasks tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml, tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml, tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml	Added --show-policy-docs-link=true to Conforma ec validate command invocations in the validate steps. No other CLI args, control flow, error handling, or exported interfaces were changed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: enabling a policy docs link feature across Tekton validation tasks.
Description check	✅ Passed	The description is directly related to the changeset, listing the three affected tasks and the flag being added.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[simonbaird]

The patch looks okay, but I think there's some messed up snapshot files.

Maybe start by putting them all back to how they were, then run export UPDATE_SNAPS=true ; make acceptance?

[simonbaird]

Nitpick: Commit messages sound a little AI-sloppy, especially the part where it says "Your colleague nailed it: " 😁

[dheerajodha]

The patch looks okay, but I think there's some messed up snapshot files.

Yes, those came from the commits related to PR for another ticket (EC-1603), and it contained those messy snapshot files (now fixed there). So, I decided to just rebase this branch on top of main branch and merge it once the other PR is merged first.

Nitpick: Commit messages sound a little AI-sloppy, especially the part where it says "Your colleague nailed it: " 😁

Woooops 😁 secret's out, my bot and I talk about you. But fr, sorry about that, I need to be more careful with commit messages. I've updated those commits at the source (#3173)

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml`:
- Line 393: The YAML adds the unsupported flag --show-policy-docs-link causing
unknown-flag failures; update the code that builds/assembles validate command
args (see cmd/validate/image.go and the function that constructs format/options
args) to check whether the CLI actually supports the flag before appending it:
use the command's FlagSet lookup (e.g.,
cmd.Flags().Lookup("show-policy-docs-link") or similar) or a dedicated
capability check and only append "--show-policy-docs-link=true" when the lookup
returns non-nil/true, otherwise skip adding it so the task remains compatible
with older CLI builds.

In
`@tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml`:
- Line 283: The task YAML includes an unsupported CLI flag
"--show-policy-docs-link=true" passed to the validate commands; remove both
occurrences of that flag from the argument lists for the validate vsa and
validate image commands (the entries invoking the validate vsa and validate
image commands in this task) so the commands only use registered flags; ensure
you delete the exact string "--show-policy-docs-link=true" from both places to
avoid unknown flag runtime errors.

In `@tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml`:
- Line 338: Add a compatibility guard around appending the CLI flag
--show-policy-docs-link to the ec validate image invocation: detect whether the
installed CLI supports that flag (e.g., run ec validate --help or parse
output/version) before adding "--show-policy-docs-link=true" and only append it
when supported; update the logic used where the flag is currently hardcoded (the
place adding "--show-policy-docs-link=true" in the task template) and apply the
same conditional pattern to the other occurrences of "--show-policy-docs-link"
in the verify-conforma-konflux-vsa-ta and verify-conforma-konflux-ta task
templates so the flag is never passed to CLI versions that don't support it.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0eb50443-2c8b-422f-8da2-41f21ebb9fd1

📥 Commits

Reviewing files that changed from the base of the PR and between bf7cd76 and 1a717bb.

📒 Files selected for processing (3)

• tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml
• tasks/verify-conforma-konflux-vsa-ta/0.1/verify-conforma-konflux-vsa-ta.yaml
• tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

Flag	Coverage Δ
acceptance	55.20% <ø> (ø)
generative	17.87% <ø> (ø)
integration	26.61% <ø> (ø)
unit	69.01% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[st3penta]

LGTM