Merge pull request #778 from ComplianceAsCode/konflux/references/master #365
yuumasatorelease-latest.yml
on: push
bundle-container-push-latest
/
container
56s
must-gather-latest
/
container
55s
openscap-container-push-latest
/
container
2m 11s
operator-container-push-latest
/
container
3h 3m
must-gather-latest
/
sign
13s
openscap-container-push-latest
/
sign
12s
catalog-container-push-pr
/
sign
10s
Annotations
1 warning and 15 notices
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:3d22585d6f690555fb04a289cb0d7528eab7e11558754d1919bc9f4f499bf092 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:3d22585d6f690555fb04a289cb0d7528eab7e11558754d1919bc9f4f499bf092 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:3d22585d6f690555fb04a289cb0d7528eab7e11558754d1919bc9f4f499bf092 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:9b0538e35342469dfb78d39291fd864aea2117ef6677fb488369b384153c4ddb | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:9b0538e35342469dfb78d39291fd864aea2117ef6677fb488369b384153c4ddb | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:9b0538e35342469dfb78d39291fd864aea2117ef6677fb488369b384153c4ddb | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:39334a7db6f27a5f240acbb739768cd0b8b4c75e23417e8cbcc86d4f88c23085 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:39334a7db6f27a5f240acbb739768cd0b8b4c75e23417e8cbcc86d4f88c23085 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:39334a7db6f27a5f240acbb739768cd0b8b4c75e23417e8cbcc86d4f88c23085 | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:eaf692f12dac0f39473a18b799c8d0dddaa25cdb400998d005abfbfc9114f06d | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:eaf692f12dac0f39473a18b799c8d0dddaa25cdb400998d005abfbfc9114f06d | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:eaf692f12dac0f39473a18b799c8d0dddaa25cdb400998d005abfbfc9114f06d | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:20fc703e87b39da2a7d6a534d468bd5cabf85d49e36a1722a4542ce10226262b | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:20fc703e87b39da2a7d6a534d468bd5cabf85d49e36a1722a4542ce10226262b | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:20fc703e87b39da2a7d6a534d468bd5cabf85d49e36a1722a4542ce10226262b | jq '.[0]'
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
ComplianceAsCode~compliance-operator~1F3MDM.dockerbuild
Expired
|
42.3 KB |
sha256:b615ce0a5077ef0670dd85de7f0582498e2446ada55b10c4d92a12fceb02838e
|
|
|
ComplianceAsCode~compliance-operator~79WOPH.dockerbuild
Expired
|
54.6 KB |
sha256:56ec6f0eab57648b5ae43ff41016258ccce459580273364c643fbf80a33d886c
|
|
|
ComplianceAsCode~compliance-operator~DPQXQN.dockerbuild
Expired
|
135 KB |
sha256:9b7ac8ad637999e50646ef552a58309d1ba89e4165c946abb76fb6b0d6a60fe8
|
|
|
ComplianceAsCode~compliance-operator~Q5F1G8.dockerbuild
Expired
|
104 KB |
sha256:0fc44b2b0daafa8c39e6670cbfb1bce7cf415b097715a0fa0f3ebacef4ce1925
|
|
|
ComplianceAsCode~compliance-operator~VN00HC.dockerbuild
Expired
|
118 KB |
sha256:7aa71567a158d3a2c80e3117b687c81911bcd0cb7d6590e4bd0ba9b45ad918a5
|
|