Merge pull request #635 from rhmdnd/enable-hermetic-builds #319
openshift-merge-bot[bot]release-latest.yml
on: push
bundle-container-push-latest
/
container
48s
must-gather-latest
/
container
1m 0s
openscap-container-push-latest
/
container
1m 48s
operator-container-push-latest
/
container
1h 51m
must-gather-latest
/
sign
6s
openscap-container-push-latest
/
sign
9s
catalog-container-push-pr
/
sign
5s
Annotations
11 warnings and 15 notices
|
bundle-container-push-latest / container
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
must-gather-latest / container
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
bundle-container-push-latest / sign
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
must-gather-latest / sign
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
openscap-container-push-latest / container
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
openscap-container-push-latest / sign
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
operator-container-push-latest / container
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
operator-container-push-latest / sign
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
catalog-container-push-pr / container
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
catalog-container-push-pr / sign
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:5efde0dfba973890af72add6f573a77403e5de67bd4eca32363d3793abf347e5 | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:5efde0dfba973890af72add6f573a77403e5de67bd4eca32363d3793abf347e5 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:5efde0dfba973890af72add6f573a77403e5de67bd4eca32363d3793abf347e5 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:1d8c8e9e12230b6c0553e1a8b9935a9fec8133dd5e9b157ef54c5bf3d75c32df | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:1d8c8e9e12230b6c0553e1a8b9935a9fec8133dd5e9b157ef54c5bf3d75c32df | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:1d8c8e9e12230b6c0553e1a8b9935a9fec8133dd5e9b157ef54c5bf3d75c32df | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:e75c978b90ad9453553bc4e00bf65c6ab928014eeba72f9ea132f996ee8aff11 | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:e75c978b90ad9453553bc4e00bf65c6ab928014eeba72f9ea132f996ee8aff11 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:e75c978b90ad9453553bc4e00bf65c6ab928014eeba72f9ea132f996ee8aff11 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:38aa42e5a32661c25d332cb2800cb77c6de82a87cb97c55a6161a9ed548d49ac | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:38aa42e5a32661c25d332cb2800cb77c6de82a87cb97c55a6161a9ed548d49ac | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:38aa42e5a32661c25d332cb2800cb77c6de82a87cb97c55a6161a9ed548d49ac | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:67791e1cd0e5da210cd24854d8da9466a4d47538f688d541ab0f37f1505cfdf3 | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:67791e1cd0e5da210cd24854d8da9466a4d47538f688d541ab0f37f1505cfdf3 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:67791e1cd0e5da210cd24854d8da9466a4d47538f688d541ab0f37f1505cfdf3 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
ComplianceAsCode~compliance-operator~3S7JHU.dockerbuild
|
86.6 KB |
|
|
ComplianceAsCode~compliance-operator~9OOWJM.dockerbuild
|
113 KB |
|
|
ComplianceAsCode~compliance-operator~DQ3U70.dockerbuild
|
93.6 KB |
|
|
ComplianceAsCode~compliance-operator~N7RXRZ.dockerbuild
|
43.5 KB |
|
|
ComplianceAsCode~compliance-operator~NJEQC9.dockerbuild
|
44.5 KB |
|