pod: gh-test-custom-branch-okorou-on-pull-request-6srgx-init-pod | init container: prepare 2025/10/21 16:25:01 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-pull-request-6srgx-init-pod | init container: place-scripts 2025/10/21 16:25:02 Decoded script /tekton/scripts/script-0-qnlz4 pod: gh-test-custom-branch-okorou-on-pull-request-6srgx-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:on-pr-d85bd648b33eba4252f01dcbb623fc672e69dbea Determine if Image Already Exists pod: gh-test-custom-branch-okorou-on-pull-request-w8cjf-init-pod | init container: prepare 2025/10/21 16:30:14 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-pull-request-w8cjf-init-pod | init container: place-scripts 2025/10/21 16:30:15 Decoded script /tekton/scripts/script-0-8nq86 pod: gh-test-custom-branch-okorou-on-pull-request-w8cjf-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:on-pr-bbc461d059c74d659c4ebb0547fff916e2f13bef Determine if Image Already Exists pod: gh-test-custom-branch-okorou-on-push-zmgv6-apply-tags-pod | init container: prepare 2025/10/21 16:38:01 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-apply-tags-pod | init container: place-scripts 2025/10/21 16:38:17 Decoded script /tekton/scripts/script-0-k9cx7 2025/10/21 16:38:17 Decoded script /tekton/scripts/script-1-xl5xj pod: gh-test-custom-branch-okorou-on-push-zmgv6-apply-tags-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: gh-test-custom-branch-okorou-on-push-zmgv6-apply-tags-pod | container step-apply-additional-tags-from-image-label: Applying tag test-tag1 Getting image source signatures Copying blob sha256:c4ce55d30f7617115eedb4b1940f0f3653d4f28b0ffc262942d88a2823d284cf Copying blob sha256:2d35ebdb57d9971fea0cac1582aa78935adf8058b2cc32db163c98822e5dfa1b Copying blob sha256:cf4ba836528490bb3adbc7bccc51c4f51193fd8d703e408d6285e33242c2cb27 Copying blob sha256:91137199d2d3038e3d089f2b3eec98443e7838e63df8c25895d61043489a42f3 Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying config sha256:fac15bc4e56fe1cdc357a425f619ef39c253b80e35eff4d53590c46872fb8033 Writing manifest to image destination Applying tag test-tag2 Getting image source signatures Copying blob sha256:c4ce55d30f7617115eedb4b1940f0f3653d4f28b0ffc262942d88a2823d284cf Copying blob sha256:2d35ebdb57d9971fea0cac1582aa78935adf8058b2cc32db163c98822e5dfa1b Copying blob sha256:cf4ba836528490bb3adbc7bccc51c4f51193fd8d703e408d6285e33242c2cb27 Copying blob sha256:91137199d2d3038e3d089f2b3eec98443e7838e63df8c25895d61043489a42f3 Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying config sha256:fac15bc4e56fe1cdc357a425f619ef39c253b80e35eff4d53590c46872fb8033 Writing manifest to image destination pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | init container: prepare 2025/10/21 16:35:57 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | init container: place-scripts 2025/10/21 16:36:00 Decoded script /tekton/scripts/script-0-z9sjw 2025/10/21 16:36:00 Decoded script /tekton/scripts/script-1-dmsgr 2025/10/21 16:36:00 Decoded script /tekton/scripts/script-2-7fxj4 2025/10/21 16:36:00 Decoded script /tekton/scripts/script-3-v748t 2025/10/21 16:36:00 Decoded script /tekton/scripts/script-4-ln4zs pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | init container: working-dir-initializer pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | container step-build: [2025-10-21T16:36:29,767609906+00:00] Validate context path [2025-10-21T16:36:29,771731636+00:00] Update CA trust [2025-10-21T16:36:29,773148876+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-10-21T16:36:34,253649512+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-10-21T16:36:34,503956681+00:00] Prepare system (architecture: x86_64) [2025-10-21T16:36:38,773631832+00:00] Setup prefetched Trying to pull quay.io/jitesoft/nginx:latest... Getting image source signatures Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:2d35ebdb57d9971fea0cac1582aa78935adf8058b2cc32db163c98822e5dfa1b Copying blob sha256:91137199d2d3038e3d089f2b3eec98443e7838e63df8c25895d61043489a42f3 Copying blob sha256:cf4ba836528490bb3adbc7bccc51c4f51193fd8d703e408d6285e33242c2cb27 Copying config sha256:b65a13cb413ade37f56093fb2deb5911f2313f2fc4c3fab25d3ec25957ad7b86 Writing manifest to image destination [2025-10-21T16:36:47,077221309+00:00] Unsetting proxy { "com.jitesoft.app.alpine.version": "3.22.2", "com.jitesoft.app.nginx.version": "1.29.2", "com.jitesoft.build.arch": "amd64", "com.jitesoft.build.platform": "linux/amd64", "com.jitesoft.project.registry.uri": "registry.gitlab.com/jitesoft/dockerfiles/nginx", "com.jitesoft.project.repo.issues": "https://gitlab.com/jitesoft/dockerfiles/nginx/issues", "com.jitesoft.project.repo.type": "git", "com.jitesoft.project.repo.uri": "https://gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.alternative-locations": "oci://index.docker.io/jitesoft/nginx,oci://ghcr.io/jitesoft/nginx,oci://registry.gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.logo-url": "https://jitesoft.com/favicon-96x96.png", "io.artifacthub.package.readme-url": "https://gitlab.com/jitesoft/dockerfiles/nginx/-/raw/master/README.md", "maintainer": "Johannes Tegnér ", "maintainer.org": "Jitesoft", "maintainer.org.uri": "https://jitesoft.com", "org.opencontainers.image.created": "", "org.opencontainers.image.description": "Nginx on Alpine linux", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/devfile-sample-hello-world", "org.opencontainers.image.vendor": "Jitesoft", "org.opencontainers.image.version": "1.29.2", "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "ace2c79e01560806995e7666bc941c48394dda11", "org.opencontainers.image.revision": "ace2c79e01560806995e7666bc941c48394dda11", "build-date": "2025-10-21T16:36:38Z", "io.buildah.version": "1.41.4", "konflux.additional-tags": "test-tag1, test-tag2" } [2025-10-21T16:36:47,126599653+00:00] Register sub-man Adding the entitlement to the build [2025-10-21T16:36:47,130225402+00:00] Add secrets [2025-10-21T16:36:47,220740318+00:00] Run buildah build [2025-10-21T16:36:47,221982248+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=ace2c79e01560806995e7666bc941c48394dda11 --label org.opencontainers.image.revision=ace2c79e01560806995e7666bc941c48394dda11 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-hello-world --label build-date=2025-10-21T16:36:38Z --annotation org.opencontainers.image.revision=ace2c79e01560806995e7666bc941c48394dda11 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-hello-world --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.T8LvqM -t quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 . STEP 1/5: FROM quay.io/jitesoft/nginx:latest STEP 2/5: ENV PORT="8080" STEP 3/5: LABEL konflux.additional-tags="test-tag1, test-tag2" STEP 4/5: COPY labels.json /root/buildinfo/labels.json STEP 5/5: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="ace2c79e01560806995e7666bc941c48394dda11" "org.opencontainers.image.revision"="ace2c79e01560806995e7666bc941c48394dda11" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/devfile-sample-hello-world" "build-date"="2025-10-21T16:36:38Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 time="2025-10-21T16:36:50Z" level=warning msg="HEALTHCHECK is not supported for OCI image format and will be ignored. Must use `docker` format" --> fac15bc4e56f Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 fac15bc4e56fe1cdc357a425f619ef39c253b80e35eff4d53590c46872fb8033 [2025-10-21T16:37:15,019085717+00:00] Unsetting proxy [2025-10-21T16:37:15,020890447+00:00] Add metadata Recording base image digests used quay.io/jitesoft/nginx:latest quay.io/jitesoft/nginx:latest@sha256:53aaee92d207b6ddfe428c697514714cbef243711a599f408534665f6da0255c Getting image source signatures Copying blob sha256:e71316e8fa97354c24901724f193cc55bf93e29047bb1db6cca567721ca0cf23 Copying blob sha256:256f393e029fa2063d8c93720da36a74a032bed3355a2bc3e313ad12f8bde9d1 Copying blob sha256:1ea51c3f683f33a7148c84d6900dee0d6b2746aec78d13c0d929b8f0ad53cb02 Copying blob sha256:f8e7ccd03afcc9d0564cf87f00b053027fa490a67b32d7088092f33362e5c501 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:fac15bc4e56fe1cdc357a425f619ef39c253b80e35eff4d53590c46872fb8033 Writing manifest to image destination [2025-10-21T16:37:17,381939783+00:00] End build pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | container step-push: [2025-10-21T16:37:18,011107088+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-10-21T16:37:21,259735324+00:00] Convert image [2025-10-21T16:37:21,261089312+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:gh-test-custom-branch-okorou-on-push-zmgv6-build-container Executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 docker://quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:gh-test-custom-branch-okorou-on-push-zmgv6-build-container [2025-10-21T16:37:27,670362207+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 Executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 docker://quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94baquay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 [2025-10-21T16:37:29,186210537+00:00] End push pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | container step-sbom-syft-generate: [2025-10-21T16:37:30,113248418+00:00] Generate SBOM Running syft on the source directory [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) Running syft on the image [2025-10-21T16:37:33,231618514+00:00] End sbom-syft-generate pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | container step-prepare-sboms: [2025-10-21T16:37:33,676504714+00:00] Prepare SBOM [2025-10-21T16:37:33,681507548+00:00] Generate SBOM with mobster 2025-10-21 16:37:34,936 [INFO] mobster.log: Logging level set to 20 2025-10-21 16:37:34,991 [INFO] mobster.oci: Fetching manifest for quay.io/jitesoft/nginx@sha256:53aaee92d207b6ddfe428c697514714cbef243711a599f408534665f6da0255c 2025-10-21 16:37:38,659 [INFO] mobster.cmd.generate.oci_image.contextual_parent_content: Contextual mechanism won't be used, there is no parent image SBOM. 2025-10-21 16:37:38,674 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND LicenseRef-custom', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-aom-libs-ea5260c6dbe8a3e7', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('LicenseRef-custom', is_exception=False)))) 2025-10-21 16:37:38,674 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-custom. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND LicenseRef-custom', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-aom-libs-ea5260c6dbe8a3e7', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('LicenseRef-custom', is_exception=False)))) 2025-10-21 16:37:38,674 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-10-21 16:37:38,674 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-10-21 16:37:38,675 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-10-21 16:37:38,675 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: 0BSD AND LicenseRef-AND AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-xz-libs-bd7a047b03297e4b', element_type=, full_element=AND(LicenseSymbol('0BSD', is_exception=False), LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('GPL-2.0-or-later', aliases=('GPL-2.0+', 'GPL 2.0+'), is_exception=False), LicenseSymbol('LGPL-2.1-or-later', aliases=('LGPL-2.1+',), is_exception=False), LicenseSymbol('LicenseRef-Public-Domain', is_exception=False)))) 2025-10-21 16:37:38,675 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: 0BSD AND LicenseRef-AND AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-xz-libs-bd7a047b03297e4b', element_type=, full_element=AND(LicenseSymbol('0BSD', is_exception=False), LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('GPL-2.0-or-later', aliases=('GPL-2.0+', 'GPL 2.0+'), is_exception=False), LicenseSymbol('LGPL-2.1-or-later', aliases=('LGPL-2.1+',), is_exception=False), LicenseSymbol('LicenseRef-Public-Domain', is_exception=False)))) 2025-10-21 16:37:38,688 [INFO] mobster.main: Exiting with code 0. [2025-10-21T16:37:38,804294419+00:00] End prepare-sboms pod: gh-test-custom-branch-okorou-on-push-zmgv6-build-container-pod | container step-upload-sbom: [2025-10-21T16:37:38,892016901+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11@sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou@sha256:a94355256cdcdbe9bb70d764b88cfc82987368b33f1bec8406b13ef8f4992a06 [2025-10-21T16:37:42,497568592+00:00] End upload-sbom pod: gh-test-custom-branch-okorou-on-push-zmgv6-clair-scan-pod | init container: prepare 2025/10/21 16:37:54 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-clair-scan-pod | init container: place-scripts 2025/10/21 16:37:56 Decoded script /tekton/scripts/script-0-jcjmj 2025/10/21 16:37:56 Decoded script /tekton/scripts/script-1-knw66 2025/10/21 16:37:56 Decoded script /tekton/scripts/script-2-rp4d8 2025/10/21 16:37:56 Decoded script /tekton/scripts/script-3-wpc5q pod: gh-test-custom-branch-okorou-on-push-zmgv6-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou@sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba. pod: gh-test-custom-branch-okorou-on-push-zmgv6-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... pod: gh-test-custom-branch-okorou-on-push-zmgv6-clair-scan-pod | container step-oci-attach-report: pod: gh-test-custom-branch-okorou-on-push-zmgv6-clair-scan-pod | container step-conftest-vulnerabilities: pod: gh-test-custom-branch-okorou-on-push-zmgv6-clamav-scan-pod | init container: prepare 2025/10/21 16:37:56 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-clamav-scan-pod | init container: place-scripts 2025/10/21 16:37:58 Decoded script /tekton/scripts/script-0-xnf42 2025/10/21 16:37:58 Decoded script /tekton/scripts/script-1-sst2q pod: gh-test-custom-branch-okorou-on-push-zmgv6-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Extracting image(s). Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 2.027 sec (0 m 2 s) Start Date: 2025:10:21 16:38:37 End Date: 2025:10:21 16:38:39 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27798/Mon Oct 20 09:37:28 2025 Database version: 27798 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1761064719","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1761064719","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1761064719","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11", "digests": ["sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba"]}} pod: gh-test-custom-branch-okorou-on-push-zmgv6-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou Attaching to quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11@sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 980f556adbd7 clamscan-result-amd64.log Uploading 887a529fdff0 clamscan-ec-test-amd64.json Uploaded 887a529fdff0 clamscan-ec-test-amd64.json Uploaded 980f556adbd7 clamscan-result-amd64.log Uploading 621769005bb9 application/vnd.oci.image.manifest.v1+json Uploaded 621769005bb9 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11@sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba Digest: sha256:621769005bb9ff954ed00f4912bb35815bc275cb272c26ea7847e54d1d59779c pod: gh-test-custom-branch-okorou-on-push-zmgv6-clone-repository-pod | init container: prepare 2025/10/21 16:34:31 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-clone-repository-pod | init container: place-scripts 2025/10/21 16:34:34 Decoded script /tekton/scripts/script-0-72wkl 2025/10/21 16:34:35 Decoded script /tekton/scripts/script-1-82glq pod: gh-test-custom-branch-okorou-on-push-zmgv6-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1761064485.1570907,"caller":"git/git.go:380","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1761064486.5001678,"caller":"git/git.go:217","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-hello-world @ ace2c79e01560806995e7666bc941c48394dda11 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1761064486.5002594,"caller":"git/git.go:380","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1761064486.5286036,"caller":"git/git.go:263","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision ace2c79e01560806995e7666bc941c48394dda11 directly. pod: gh-test-custom-branch-okorou-on-push-zmgv6-clone-repository-pod | container step-symlink-check: Running symlink check pod: gh-test-custom-branch-okorou-on-push-zmgv6-init-pod | init container: prepare 2025/10/21 16:34:12 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-init-pod | init container: place-scripts 2025/10/21 16:34:24 Decoded script /tekton/scripts/script-0-5z85s pod: gh-test-custom-branch-okorou-on-push-zmgv6-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 Determine if Image Already Exists pod: gh-test-custom-branch-okorou-on-push-zmgv6-push-dockerfile-pod | init container: prepare 2025/10/21 16:38:01 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-push-dockerfile-pod | init container: place-scripts 2025/10/21 16:38:17 Decoded script /tekton/scripts/script-0-b67gq pod: gh-test-custom-branch-okorou-on-push-zmgv6-push-dockerfile-pod | init container: working-dir-initializer pod: gh-test-custom-branch-okorou-on-push-zmgv6-push-dockerfile-pod | container step-push: [2025-10-21T16:38:24,947091058+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 Using token for quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.3IHOZaD8xw --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:sha256-71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba.dockerfile Dockerfile pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-shell-check-pod | init container: prepare 2025/10/21 16:38:00 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-shell-check-pod | init container: place-scripts 2025/10/21 16:38:03 Decoded script /tekton/scripts/script-0-pznns 2025/10/21 16:38:03 Decoded script /tekton/scripts/script-1-4k97b pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-shell-check-pod | init container: working-dir-initializer pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index INFO: The PROJECT_NAME used is: gh-test-custom-branch-okorou INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=gh-test-custom-branch-okorou + echo 'INFO: The PROJECT_NAME used is: gh-test-custom-branch-okorou' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-101.json ./shellcheck-results/sc-105.json ./shellcheck-results/sc-122.json ./shellcheck-results/sc-134.json ./shellcheck-results/sc-136.json ./shellcheck-results/sc-138.json ./shellcheck-results/sc-89.json ./shellcheck-results/sc-93.json ./shellcheck-results/sc-96.json ./shellcheck-results/sc-98.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + note='Task sast-shell-check completed successfully.' ++ make_result_json -r SUCCESS -t 'Task sast-shell-check completed successfully.' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-shell-check completed successfully.' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-10-21T16:38:24+00:00 --arg result SUCCESS --arg note 'Task sast-shell-check completed successfully.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-10-21T16:38:24+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-10-21T16:38:24+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-10-21T16:38:24+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-10-21T16:38:24+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-10-21T16:38:24+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou Attaching to quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11@sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Exists 3b606a9dd3a1 shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 746f442f2374 application/vnd.oci.image.manifest.v1+json Uploaded 746f442f2374 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-xhpw/gh-test-custom-branch-okorou:ace2c79e01560806995e7666bc941c48394dda11@sha256:71cbfcb8cc524a67a4040c34c92b9ce00e95cd6641d149771e5e97f1530e94ba Digest: sha256:746f442f237463c7d4e484765817b043382d36712d28e8ab7ca9a0c116fa0e5c No excluded-findings.json exists. Skipping upload. pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-snyk-check-pod | init container: prepare 2025/10/21 16:37:56 Entrypoint initialization pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-snyk-check-pod | init container: place-scripts 2025/10/21 16:37:57 Decoded script /tekton/scripts/script-0-cld9h 2025/10/21 16:37:57 Decoded script /tekton/scripts/script-1-2tztx pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-snyk-check-pod | init container: working-dir-initializer pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-snyk-check-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: gh-test-custom-branch-okorou INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2025-10-21T16:38:21+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gh-test-custom-branch-okorou-on-push-zmgv6-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload.