Merge pull request #780 from yuumasato/configure-snyk-reporting #364
rhmdndrelease-latest.yml
on: push
bundle-container-push-latest
/
container
58s
must-gather-latest
/
container
1m 2s
openscap-container-push-latest
/
container
2m 21s
operator-container-push-latest
/
container
3h 2m
must-gather-latest
/
sign
7s
openscap-container-push-latest
/
sign
12s
catalog-container-push-pr
/
sign
9s
Annotations
1 warning and 15 notices
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:0b2efa65f2c23468cfbba7c0b175e782af60465949350b948d9f0e25edeb2a86 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:0b2efa65f2c23468cfbba7c0b175e782af60465949350b948d9f0e25edeb2a86 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:0b2efa65f2c23468cfbba7c0b175e782af60465949350b948d9f0e25edeb2a86 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:9cc66324166fa51595f9167e38f743f241d5976846a5e9dd2e28a383bfec56d6 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:9cc66324166fa51595f9167e38f743f241d5976846a5e9dd2e28a383bfec56d6 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:9cc66324166fa51595f9167e38f743f241d5976846a5e9dd2e28a383bfec56d6 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:81eb99111407bba8b8587215ce2bfdf979abc158f6d8a430e09b77f9b3693f0b | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:81eb99111407bba8b8587215ce2bfdf979abc158f6d8a430e09b77f9b3693f0b | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:81eb99111407bba8b8587215ce2bfdf979abc158f6d8a430e09b77f9b3693f0b | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:45893bada210c398025246e8752e2f75de17c8d0df83833ff7e7970f3eeae0ea | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:45893bada210c398025246e8752e2f75de17c8d0df83833ff7e7970f3eeae0ea | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:45893bada210c398025246e8752e2f75de17c8d0df83833ff7e7970f3eeae0ea | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:ffa85062e1db79382d7cb05fb103d6b896d00ca179bab495e06e79385d71484d | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:ffa85062e1db79382d7cb05fb103d6b896d00ca179bab495e06e79385d71484d | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:ffa85062e1db79382d7cb05fb103d6b896d00ca179bab495e06e79385d71484d | jq '.[0]'
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
ComplianceAsCode~compliance-operator~C7F8JO.dockerbuild
Expired
|
42.9 KB |
sha256:e02d94017bce838fffdb30b9702c6f89df23da8a338e1b0c11c3af377fd345d5
|
|
|
ComplianceAsCode~compliance-operator~K3UNQ9.dockerbuild
Expired
|
48.4 KB |
sha256:ee07d402f1ed76d4f0739161d46e6a51cdc0b8838dc2725f0cff4bbc32b588e2
|
|
|
ComplianceAsCode~compliance-operator~LM5MYW.dockerbuild
Expired
|
136 KB |
sha256:139e6999103ac841847bbad94142dfe8f4786e09faaac306f23dc045002e5ebe
|
|
|
ComplianceAsCode~compliance-operator~LPH8YK.dockerbuild
Expired
|
107 KB |
sha256:84e6bdf8821c02e2958ab3b0bc47ab22a37bd2aaf4877a41c714820299028007
|
|
|
ComplianceAsCode~compliance-operator~N7SEAW.dockerbuild
Expired
|
114 KB |
sha256:f0089f2d03dce7758fa69db322150e9492f536cb25f5ab84881cdf256da53296
|
|