Merge pull request #709 from ComplianceAsCode/release-v1.7.0 #352
yuumasatorelease-latest.yml
on: push
bundle-container-push-latest
/
container
43s
must-gather-latest
/
container
49s
openscap-container-push-latest
/
container
2m 15s
operator-container-push-latest
/
container
3h 2m
must-gather-latest
/
sign
7s
openscap-container-push-latest
/
sign
8s
catalog-container-push-pr
/
sign
11s
Annotations
1 warning and 15 notices
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:0c916385f837273e169fa79107ff3fe4d747bfcafbe624e0494da03bfea9bc5a | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:0c916385f837273e169fa79107ff3fe4d747bfcafbe624e0494da03bfea9bc5a | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:0c916385f837273e169fa79107ff3fe4d747bfcafbe624e0494da03bfea9bc5a | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:4b2d3c9a7768d4696812e6eac36d734f6a3f061ff8a3923003ea2c8a5cf4e4c7 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:4b2d3c9a7768d4696812e6eac36d734f6a3f061ff8a3923003ea2c8a5cf4e4c7 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:4b2d3c9a7768d4696812e6eac36d734f6a3f061ff8a3923003ea2c8a5cf4e4c7 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:d85ac0b6f394fe5a7f34a0d270ad124b0c68c25f1d075248611bf5e58fb83ce6 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:d85ac0b6f394fe5a7f34a0d270ad124b0c68c25f1d075248611bf5e58fb83ce6 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:d85ac0b6f394fe5a7f34a0d270ad124b0c68c25f1d075248611bf5e58fb83ce6 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:cb4bd46cf974cf95cfc76784963965d7dc92d8379f094e33823839c9b366c83b | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:cb4bd46cf974cf95cfc76784963965d7dc92d8379f094e33823839c9b366c83b | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:cb4bd46cf974cf95cfc76784963965d7dc92d8379f094e33823839c9b366c83b | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:51835b6b3263a0fc850ff526984d10b57cf6c9a0a6f60f177cc4871029c62712 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:51835b6b3263a0fc850ff526984d10b57cf6c9a0a6f60f177cc4871029c62712 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:51835b6b3263a0fc850ff526984d10b57cf6c9a0a6f60f177cc4871029c62712 | jq '.[0]'
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
ComplianceAsCode~compliance-operator~26PQZX.dockerbuild
Expired
|
135 KB |
sha256:f5bcbb8cc47be32b4815acf9cee3af269a0f5a7514fadeaf52c81b26de02ceba
|
|
|
ComplianceAsCode~compliance-operator~2WWMEP.dockerbuild
Expired
|
52.2 KB |
sha256:91c8ddc6b4e33f9db2c22659f90290b86d7c6c9b438befc9c1129812f26f26c1
|
|
|
ComplianceAsCode~compliance-operator~4EZXY4.dockerbuild
Expired
|
42.6 KB |
sha256:212241479f41b8251f860aba1e3293545faba872cf8f37937b5a3a6315f2f0d4
|
|
|
ComplianceAsCode~compliance-operator~9J3J9A.dockerbuild
Expired
|
111 KB |
sha256:a67d09cfaf54d75f977c3b39c4706c40f5c3540d0094836ab710817d44df090e
|
|
|
ComplianceAsCode~compliance-operator~U1M6TI.dockerbuild
Expired
|
105 KB |
sha256:37a6629dce81a02157563f96dc9bd7088c508e2134c7f5ac336c80ef0d430ca2
|
|