From b8240061fc287a0aa28ae7633be986f6247ecb66 Mon Sep 17 00:00:00 2001
From: "service-bot-app[bot]" <service-bot-app[bot]@users.noreply.github.com>
Date: Mon, 22 Dec 2025 04:08:16 +0000
Subject: [PATCH] chore: update repo semaphore config

---
 .semaphore/semaphore.yml | 43 +++++++++-------------------------------
 1 file changed, 9 insertions(+), 34 deletions(-)

diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml
index ab8f99ad1..7056babe0 100644
--- a/.semaphore/semaphore.yml
+++ b/.semaphore/semaphore.yml
@@ -7,7 +7,7 @@ version: v1.0
 name: build-test-release
 agent:
   machine:
-    type: s1-prod-ubuntu24-04-amd64-2
+    type: s1-prod-ubuntu24-04-amd64-1
 
 fail_fast:
   cancel:
@@ -26,7 +26,6 @@ global_job_config:
       - checkout
       - . vault-setup
       - . vault-sem-get-secret connect_s3sink_it
-      - . vault-sem-get-secret CONNECT_S3_SINK_ASSUME_ROLE_IT
       - sem-version java 8
       - . cache-maven restore
 
@@ -41,14 +40,14 @@ blocks:
         - name: Test
           commands:
             - . sem-pint
-            - mvn -Dcloud -Pjenkins -U -Dmaven.wagon.http.retryHandler.count=10 -Ddependency.check.skip=true -Daether.dependencyCollector.impl=bf -Dmaven.artifact.threads=100 --batch-mode --no-transfer-progress clean verify install dependency:analyze validate
+            - mvn -Dcloud -Pjenkins -U -Dmaven.wagon.http.retryHandler.count=10 --batch-mode --no-transfer-progress clean verify install dependency:analyze validate
             - export TRIVY_DISABLE_VEX_NOTICE=true
             - trivy version
             - echo "Check go/connector-dev-vuln-remediation for fixing or suppressing vulnerabilities found by trivy"
-            - trivy --skip-files "*.zip" rootfs --scanners vuln --db-repository public.ecr.aws/aquasecurity/trivy-db --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db --ignore-unfixed --ignorefile
-              .trivyignore --exit-code 1 --severity CRITICAL kafka-connect-s3/target/components/packages
-            - trivy --skip-files "*.zip" rootfs --scanners vuln --db-repository public.ecr.aws/aquasecurity/trivy-db --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db --ignore-unfixed --ignorefile
-              .trivyignore --severity HIGH,LOW,MEDIUM kafka-connect-s3/target/components/packages
+            - trivy --skip-files "*.zip" rootfs --scanners vuln --db-repository public.ecr.aws/aquasecurity/trivy-db --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db --ignore-unfixed 
+              --ignorefile .trivyignore --exit-code 1 --severity CRITICAL target/components/packages
+            - trivy --skip-files "*.zip" rootfs --scanners vuln --db-repository public.ecr.aws/aquasecurity/trivy-db --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db --ignore-unfixed 
+              --ignorefile .trivyignore --severity HIGH,LOW,MEDIUM target/components/packages
             - . cache-maven store
       epilogue:
         always:
@@ -65,7 +64,8 @@ blocks:
       jobs:
         - name: Release
           commands:
-            - mvn -Dcloud -Pjenkins -U -Dmaven.wagon.http.retryHandler.count=10 -Ddependency.check.skip=true -Daether.dependencyCollector.impl=bf -Dmaven.artifact.threads=100 --batch-mode -DaltDeploymentRepository=confluent-codeartifact-internal::default::https://confluent-519856050701.d.codeartifact.us-west-2.amazonaws.com/maven/maven-snapshots/
+            - mvn -Dcloud -Pjenkins -U -Dmaven.wagon.http.retryHandler.count=10 --batch-mode 
+              -DaltDeploymentRepository=confluent-codeartifact-internal::default::https://confluent-519856050701.d.codeartifact.us-west-2.amazonaws.com/maven/maven-snapshots/ 
               -DrepositoryId=confluent-codeartifact-internal deploy -DskipTests
   - name: Release Notes
     dependencies: []
@@ -78,35 +78,11 @@ blocks:
             - git clone --branch master --single-branch git@github.com:confluentinc/connect-releases.git
             - ./connect-releases/tasks/release-connect-plugins/generate-connect-changelogs.sh
 
-# This is auto-managed by connect-ci-cd-pipelines semaphore task, to disable please reach out on slack #connect-testability
-  - name: Connector Kafka Docker Playground Test
-    dependencies: []
-    run:
-      # Run this block only for pull requests
-      when: "pull_request =~ '.*'"
-    task:
-      jobs:
-        - name: Trigger Kafka Docker Playground Test
-          commands:
-            # Don't run this block if target branch for PR is not a nightly branch or master branch
-            - |
-              if [[ "$SEMAPHORE_GIT_BRANCH" =~ ^[0-9]+\.[0-9]+\.x$ ]] || [[ "$SEMAPHORE_GIT_BRANCH" == "master" ]] ; then \
-                echo "PR is targeted to ${SEMAPHORE_GIT_BRANCH} branch which is feature or master branch. Triggering run-kdp-matrix-on-pr-builds task."; \
-                sem-trigger -p connect-ci-cd-pipelines \
-                  -t run-kdp-matrix-on-pr-builds \
-                  -b master \
-                  -i "REPO_NAME:$(basename $SEMAPHORE_GIT_REPO_SLUG)" \
-                  -i "BRANCH_NAME:${SEMAPHORE_GIT_PR_BRANCH}" \
-                  -w
-              else \
-                echo "PR is targeted to ${SEMAPHORE_GIT_BRANCH} branch which is not feature or master branch. Skipping Kafka Docker Playground Test Task."; \
-              fi;
-
 after_pipeline:
   task:
     agent:
       machine:
-        type: s1-prod-ubuntu24-04-arm64-0
+        type: s1-prod-ubuntu24-04-arm64-00
     jobs:
       - name: Metrics
         commands:
@@ -117,6 +93,5 @@ after_pipeline:
       - name: SonarQube
         commands:
           - checkout
-          - sem-version java 11
           - artifact pull workflow target
           - emit-sonarqube-data --run_only_sonar_scan