Skip to content

Merge pull request #437 from ComplianceAsCode/renovate/github.com-ons… #138

Merge pull request #437 from ComplianceAsCode/renovate/github.com-ons…

Merge pull request #437 from ComplianceAsCode/renovate/github.com-ons… #138

Triggered via push October 12, 2023 22:13
Status Success
Total duration 7m 25s
Artifacts
This run and associated checks have been archived and are scheduled for deletion. Learn more about checks retention
bundle-container-push-latest  /  container
36s
bundle-container-push-latest / container
openscap-container-push-latest  /  container
50s
openscap-container-push-latest / container
operator-container-push-latest  /  container
6m 56s
operator-container-push-latest / container
bundle-container-push-latest  /  sign
7s
bundle-container-push-latest / sign
bundle-container-push-latest  /  sbom
16s
bundle-container-push-latest / sbom
openscap-container-push-latest  /  sign
6s
openscap-container-push-latest / sign
openscap-container-push-latest  /  sbom
19s
openscap-container-push-latest / sbom
operator-container-push-latest  /  sign
6s
operator-container-push-latest / sign
operator-container-push-latest  /  sbom
14s
operator-container-push-latest / sbom
catalog-container-push-latest
35s
catalog-container-push-latest
Fit to window
Zoom out
Zoom in

Annotations

2 warnings and 12 notices
catalog-container-push-latest
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
catalog-container-push-latest
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:051ce5f2730acb64a0301d5cf12b535f936d981ecb5f38a9d3d5dd8829217a35 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:051ce5f2730acb64a0301d5cf12b535f936d981ecb5f38a9d3d5dd8829217a35 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:051ce5f2730acb64a0301d5cf12b535f936d981ecb5f38a9d3d5dd8829217a35 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
Verify SBOM attestation
COSIGN_EXPERIMENTAL=1 cosign verify-attestation ghcr.io/complianceascode/compliance-operator-bundle@sha256:051ce5f2730acb64a0301d5cf12b535f936d981ecb5f38a9d3d5dd8829217a35 | jq '.payload |= @base64d | .payload | fromjson | select(.predicateType == "https://spdx.dev/Document") | .predicate.Data | fromjson'
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:3538693cefeb4ebdc1786ea882a0c40a77dfc4045c980a806589376eae38b546 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:3538693cefeb4ebdc1786ea882a0c40a77dfc4045c980a806589376eae38b546 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:3538693cefeb4ebdc1786ea882a0c40a77dfc4045c980a806589376eae38b546 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
Verify SBOM attestation
COSIGN_EXPERIMENTAL=1 cosign verify-attestation ghcr.io/complianceascode/openscap-ocp@sha256:3538693cefeb4ebdc1786ea882a0c40a77dfc4045c980a806589376eae38b546 | jq '.payload |= @base64d | .payload | fromjson | select(.predicateType == "https://spdx.dev/Document") | .predicate.Data | fromjson'
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:173450e443a2e5b68370cb995da2c0d15ea340c23037b619ce828a1afe413c43 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:173450e443a2e5b68370cb995da2c0d15ea340c23037b619ce828a1afe413c43 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:173450e443a2e5b68370cb995da2c0d15ea340c23037b619ce828a1afe413c43 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
Verify SBOM attestation
COSIGN_EXPERIMENTAL=1 cosign verify-attestation ghcr.io/complianceascode/compliance-operator@sha256:173450e443a2e5b68370cb995da2c0d15ea340c23037b619ce828a1afe413c43 | jq '.payload |= @base64d | .payload | fromjson | select(.predicateType == "https://spdx.dev/Document") | .predicate.Data | fromjson'