Merge pull request #749 from ComplianceAsCode/konflux/references/master #362
yuumasatorelease-latest.yml
on: push
bundle-container-push-latest
/
container
41s
must-gather-latest
/
container
46s
openscap-container-push-latest
/
container
1m 55s
operator-container-push-latest
/
container
3h 3m
must-gather-latest
/
sign
11s
openscap-container-push-latest
/
sign
10s
catalog-container-push-pr
/
sign
7s
Annotations
1 warning and 15 notices
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:7f0204a33769191aecbacae004f8c523aca4560b73b22ab402b5d90a0a6262ee | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:7f0204a33769191aecbacae004f8c523aca4560b73b22ab402b5d90a0a6262ee | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:7f0204a33769191aecbacae004f8c523aca4560b73b22ab402b5d90a0a6262ee | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:d5e547f8db1c03a9bd3488528fdc727a7481dbd18d67be03d077109f955bdc11 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:d5e547f8db1c03a9bd3488528fdc727a7481dbd18d67be03d077109f955bdc11 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:d5e547f8db1c03a9bd3488528fdc727a7481dbd18d67be03d077109f955bdc11 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:f49ebce86106ef3831be62590da0cce6e12e0900f0406bcebaeaacbe0ad71250 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:f49ebce86106ef3831be62590da0cce6e12e0900f0406bcebaeaacbe0ad71250 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:f49ebce86106ef3831be62590da0cce6e12e0900f0406bcebaeaacbe0ad71250 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:67c008ae36a9daa00d3f53766a2bc3d64540a64073a1a1f9c8431b842ea66323 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:67c008ae36a9daa00d3f53766a2bc3d64540a64073a1a1f9c8431b842ea66323 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:67c008ae36a9daa00d3f53766a2bc3d64540a64073a1a1f9c8431b842ea66323 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:5a247268129e078c53e177d392e9f96996ccd1e64c38b6df57a050fa30fbec3f | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:5a247268129e078c53e177d392e9f96996ccd1e64c38b6df57a050fa30fbec3f | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:5a247268129e078c53e177d392e9f96996ccd1e64c38b6df57a050fa30fbec3f | jq '.[0]'
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
ComplianceAsCode~compliance-operator~EGYN8Y.dockerbuild
Expired
|
51.1 KB |
sha256:b59b09919cda378ed0ac4d5c0cecd8e56bd07c9fb1d4759ecef3a330815567d4
|
|
|
ComplianceAsCode~compliance-operator~K7AA45.dockerbuild
Expired
|
104 KB |
sha256:af8bdb5bc4296b1166c2ec0cdfbc4f86a213a4a7a970ced96ebbf764b32b0779
|
|
|
ComplianceAsCode~compliance-operator~SEFUCY.dockerbuild
Expired
|
42.1 KB |
sha256:37004a0df7f619a29a4ef1ae0d8c011aaa7d795ecd2f60f8be9277a714c7464f
|
|
|
ComplianceAsCode~compliance-operator~T8T25K.dockerbuild
Expired
|
106 KB |
sha256:cdf1e93ec81ea28f03919e3ba94a824eb373b9b7a40ea553d911b8e7e5ef4c86
|
|
|
ComplianceAsCode~compliance-operator~ZHQ54V.dockerbuild
Expired
|
136 KB |
sha256:a7bcbc3187fa8f4750248c32c877818f600b45d83b8a0f9f0395dda686e62c39
|
|