Merge pull request #791 from ComplianceAsCode/konflux/references/master #374
yuumasatorelease-latest.yml
on: push
bundle-container-push-latest
/
container
46s
must-gather-latest
/
container
45s
openscap-container-push-latest
/
container
2m 0s
operator-container-push-latest
/
container
2h 47m
must-gather-latest
/
sign
10s
openscap-container-push-latest
/
sign
7s
catalog-container-push-pr
/
sign
11s
Annotations
1 warning and 15 notices
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:b5da8d19f7fd141d506cc6098fb5bee6bf969ebccebbb7dd50f4968259aad82a | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:b5da8d19f7fd141d506cc6098fb5bee6bf969ebccebbb7dd50f4968259aad82a | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:b5da8d19f7fd141d506cc6098fb5bee6bf969ebccebbb7dd50f4968259aad82a | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:2c30ad28902237e3d52b430c27c9d7d3e405d6236af719c57da13c3c552a34eb | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:2c30ad28902237e3d52b430c27c9d7d3e405d6236af719c57da13c3c552a34eb | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:2c30ad28902237e3d52b430c27c9d7d3e405d6236af719c57da13c3c552a34eb | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:68474e966eaec0e358ffecdd3f72fe06d23c77f35800882ea7f1d1be48ca1cbc | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:68474e966eaec0e358ffecdd3f72fe06d23c77f35800882ea7f1d1be48ca1cbc | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:68474e966eaec0e358ffecdd3f72fe06d23c77f35800882ea7f1d1be48ca1cbc | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:eadb821bae444abed6a39cc07c680734b7f782199a1dbea84f637a83e367345d | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:eadb821bae444abed6a39cc07c680734b7f782199a1dbea84f637a83e367345d | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:eadb821bae444abed6a39cc07c680734b7f782199a1dbea84f637a83e367345d | jq '.[0]'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:df458ce68a1e35c34d7aafcbfbb5f7813b800940735edec9fe2a2fb731277062 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:df458ce68a1e35c34d7aafcbfbb5f7813b800940735edec9fe2a2fb731277062 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:df458ce68a1e35c34d7aafcbfbb5f7813b800940735edec9fe2a2fb731277062 | jq '.[0]'
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
ComplianceAsCode~compliance-operator~C21E81.dockerbuild
Expired
|
54.2 KB |
sha256:178b4af78e29bc7de9eede4c0919447b511d71f59b0754f2ccfaba95fb22b1a9
|
|
|
ComplianceAsCode~compliance-operator~JD27EX.dockerbuild
Expired
|
111 KB |
sha256:72e2859608d1fc14bfa81a24ebc35fac8e3f3598aae3572c10d6aeb65cb76f17
|
|
|
ComplianceAsCode~compliance-operator~K6BFHP.dockerbuild
Expired
|
41.9 KB |
sha256:5d3c63fc4e5ae2046761982ef4233639d9fff14aa651c5cc9efc0849a711cec9
|
|
|
ComplianceAsCode~compliance-operator~MW9WRK.dockerbuild
Expired
|
104 KB |
sha256:394f6182a6b531758021635d45ed58ced044d037b151464f4f5b20d6aea48fd1
|
|
|
ComplianceAsCode~compliance-operator~UHU5KT.dockerbuild
Expired
|
143 KB |
sha256:2dfdeba1bf5c3c2efffaac8c3e0a3b973966118b5ea5f9af2e739965abc16dbe
|
|