diff --git a/.tekton/docker-build.yaml b/.tekton/docker-build.yaml
index 5ae4bc3f..9b6e2da5 100755
--- a/.tekton/docker-build.yaml
+++ b/.tekton/docker-build.yaml
@@ -13,20 +13,6 @@ spec:
 
     _Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
     This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
-  finally:
-  - name: show-sbom
-    params:
-    - name: IMAGE_URL
-      value: $(tasks.build-image-index.results.IMAGE_URL)
-    taskRef:
-      params:
-      - name: name
-        value: show-sbom
-      - name: bundle
-        value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:beb0616db051952b4b861dd8c3e00fa1c0eccbd926feddf71194d3bb3ace9ce7
-      - name: kind
-        value: task
-      resolver: bundles
   params:
   - default:
     - linux/x86_64
@@ -86,7 +72,7 @@ spec:
     name: hermetic
     type: string
   - default: ""
-    description: Build dependencies to be prefetched by Cachi2
+    description: Build dependencies to be prefetched
     name: prefetch-input
     type: string
   - default: ""
@@ -98,6 +84,11 @@ spec:
     description: Add built image into an OCI image index
     name: build-image-index
     type: string
+  - default: docker
+    description: The format for the resulting image's mediaType. Valid values are
+      oci or docker.
+    name: buildah-format
+    type: string
   - default: []
     description: Array of --build-arg values ("arg=value" strings) for buildah
     name: build-args
@@ -274,6 +265,10 @@ spec:
       value: $(params.build-args-file)
     - name: PRIVILEGED_NESTED
       value: $(params.privileged-nested)
+    - name: SOURCE_URL
+      value: $(tasks.clone-repository.results.url)
+    - name: BUILDAH_FORMAT
+      value: $(params.buildah-format)
     - name: SOURCE_ARTIFACT
       value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
     - name: CACHI2_ARTIFACT
@@ -309,6 +304,8 @@ spec:
     - name: IMAGES
       value:
       - $(tasks.build-images.results.IMAGE_REF[*])
+    - name: BUILDAH_FORMAT
+      value: $(params.buildah-format)
     runAfter:
     - build-images
     taskRef:
@@ -377,7 +374,12 @@ spec:
       operator: in
       values:
       - "false"
-  - name: clair-scan
+  - matrix:
+      params:
+      - name: image-platform
+        value:
+        - $(params.build-platforms)
+    name: clair-scan
     params:
     - name: image-digest
       value: $(tasks.build-image-index.results.IMAGE_DIGEST)
@@ -399,7 +401,12 @@ spec:
       operator: in
       values:
       - "false"
-  - name: ecosystem-cert-preflight-checks
+  - matrix:
+      params:
+      - name: platform
+        value:
+        - $(params.build-platforms)
+    name: ecosystem-cert-preflight-checks
     params:
     - name: image-url
       value: $(tasks.build-image-index.results.IMAGE_URL)
diff --git a/.tekton/kn-backstage-plugins-eventmesh-118-pull-request.yaml b/.tekton/kn-backstage-plugins-eventmesh-118-pull-request.yaml
index 913188c2..839a77a8 100755
--- a/.tekton/kn-backstage-plugins-eventmesh-118-pull-request.yaml
+++ b/.tekton/kn-backstage-plugins-eventmesh-118-pull-request.yaml
@@ -21,12 +21,13 @@ spec:
       value: openshift/ci-operator/knative-images/eventmesh/Dockerfile
     - name: build-args
       value:
-        - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.24
-        - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal
-        - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21
-        - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime
-        - NODE_BUILDER=registry.access.redhat.com/ubi8/nodejs-20
-        - NODE_RUNTIME=registry.access.redhat.com/ubi8/nodejs-20
+        - CLI_ARTIFACTS=registry.redhat.io/openshift4/ose-cli-artifacts-rhel9:v4.16
+        - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_golang_1.23
+        - GO_RUNTIME=registry.access.redhat.com/ubi9/ubi-minimal
+        - JAVA_BUILDER=registry.access.redhat.com/ubi9/openjdk-21
+        - JAVA_RUNTIME=registry.access.redhat.com/ubi9/openjdk-21-runtime
+        - NODE_BUILDER=registry.access.redhat.com/ubi9/nodejs-20
+        - NODE_RUNTIME=registry.access.redhat.com/ubi9/nodejs-20
         - VERSION=1.38.0
     - name: git-url
       value: '{{source_url}}'
diff --git a/.tekton/kn-backstage-plugins-eventmesh-118-push.yaml b/.tekton/kn-backstage-plugins-eventmesh-118-push.yaml
index 3021a624..789d4d9d 100755
--- a/.tekton/kn-backstage-plugins-eventmesh-118-push.yaml
+++ b/.tekton/kn-backstage-plugins-eventmesh-118-push.yaml
@@ -20,12 +20,13 @@ spec:
       value: openshift/ci-operator/knative-images/eventmesh/Dockerfile
     - name: build-args
       value:
-        - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.24
-        - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal
-        - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21
-        - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime
-        - NODE_BUILDER=registry.access.redhat.com/ubi8/nodejs-20
-        - NODE_RUNTIME=registry.access.redhat.com/ubi8/nodejs-20
+        - CLI_ARTIFACTS=registry.redhat.io/openshift4/ose-cli-artifacts-rhel9:v4.16
+        - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_golang_1.23
+        - GO_RUNTIME=registry.access.redhat.com/ubi9/ubi-minimal
+        - JAVA_BUILDER=registry.access.redhat.com/ubi9/openjdk-21
+        - JAVA_RUNTIME=registry.access.redhat.com/ubi9/openjdk-21-runtime
+        - NODE_BUILDER=registry.access.redhat.com/ubi9/nodejs-20
+        - NODE_RUNTIME=registry.access.redhat.com/ubi9/nodejs-20
         - VERSION=1.38.0
     - name: git-url
       value: '{{source_url}}'
diff --git a/openshift/ci-operator/build-image/Dockerfile b/openshift/ci-operator/build-image/Dockerfile
index ab85eae8..69718c03 100755
--- a/openshift/ci-operator/build-image/Dockerfile
+++ b/openshift/ci-operator/build-image/Dockerfile
@@ -1,17 +1,17 @@
 # DO NOT EDIT! Generated Dockerfile.
 
-FROM registry.ci.openshift.org/ocp/4.17:cli-artifacts as tools
+FROM registry.ci.openshift.org/ocp/4.19:cli-artifacts as tools
 
 # Dockerfile to bootstrap build and test in openshift-ci
-FROM registry.ci.openshift.org/openshift/release:rhel-8-release-golang-1.23-openshift-4.19 as builder
+FROM registry.ci.openshift.org/openshift/release:rhel-9-release-golang-1.23-openshift-4.19 as builder
 
 ARG TARGETARCH
 
-COPY --from=tools /usr/share/openshift/linux_$TARGETARCH/oc.rhel8 /usr/bin/oc
+COPY --from=tools /usr/share/openshift/linux_$TARGETARCH/oc.rhel9 /usr/bin/oc
 
 RUN ln -s /usr/bin/oc /usr/bin/kubectl
 
-RUN yum install -y httpd-tools
+RUN dnf install -y httpd-tools
 
 RUN wget https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && \
     chmod 700 ./get-helm-3
diff --git a/openshift/ci-operator/knative-images/eventmesh/Dockerfile b/openshift/ci-operator/knative-images/eventmesh/Dockerfile
index 32fb0f4d..2c52ca05 100755
--- a/openshift/ci-operator/knative-images/eventmesh/Dockerfile
+++ b/openshift/ci-operator/knative-images/eventmesh/Dockerfile
@@ -1,6 +1,6 @@
 # DO NOT EDIT! Generated Dockerfile for backends/cmd/eventmesh.
-ARG GO_BUILDER=registry.ci.openshift.org/openshift/release:rhel-8-release-golang-1.23-openshift-4.19
-ARG GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal
+ARG GO_BUILDER=registry.ci.openshift.org/openshift/release:rhel-9-release-golang-1.23-openshift-4.19
+ARG GO_RUNTIME=registry.access.redhat.com/ubi9/ubi-minimal
 
 FROM $GO_BUILDER as builder
 
@@ -23,14 +23,17 @@ COPY LICENSE /licenses/
 USER 65532
 
 LABEL \
-      com.redhat.component="openshift-serverless-1-backstage-plugins-eventmesh-rhel8-container" \
-      name="openshift-serverless-1/backstage-plugins-eventmesh-rhel8" \
+      com.redhat.component="openshift-serverless-1-kn-backstage-plugins-eventmesh-rhel9-container" \
+      name="openshift-serverless-1/kn-backstage-plugins-eventmesh-rhel9" \
       version=$VERSION \
       summary="Red Hat OpenShift Serverless 1 Backstage Plugins Eventmesh" \
       maintainer="serverless-support@redhat.com" \
       description="Red Hat OpenShift Serverless 1 Backstage Plugins Eventmesh" \
       io.k8s.display-name="Red Hat OpenShift Serverless 1 Backstage Plugins Eventmesh" \
       io.k8s.description="Red Hat OpenShift Serverless Backstage Plugins Eventmesh" \
-      io.openshift.tags="eventmesh"
+      io.openshift.tags="eventmesh" \
+      vendor="Red Hat, Inc." \
+      release=$VERSION \
+      cpe="cpe:/a:redhat:openshift_serverless:1.38::el9"
 
 ENTRYPOINT ["/usr/bin/eventmesh"]