pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-init-pod | init container: prepare 2026/07/12 10:07:29 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-init-pod | container step-init: time="2026-07-12T10:07:40Z" level=info msg="[param] enable: false" time="2026-07-12T10:07:40Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-07-12T10:07:40Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-07-12T10:07:40Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-07-12T10:07:40Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-07-12T10:07:40Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-07-12T10:07:40Z" level=info msg="Cache proxy is disabled via param" time="2026-07-12T10:07:40Z" level=info msg="[result] HTTP PROXY: " time="2026-07-12T10:07:40Z" level=info msg="[result] NO PROXY: " pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-tpa-scan-pod | init container: prepare 2026/07/12 10:13:32 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-tpa-scan-pod | init container: place-scripts 2026/07/12 10:13:34 Decoded script /tekton/scripts/script-0-52pcx 2026/07/12 10:13:34 Decoded script /tekton/scripts/script-1-rqz7d 2026/07/12 10:13:34 Decoded script /tekton/scripts/script-2-2mhwz pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-tpa-scan-pod | container step-get-vulnerabilities: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:d0b679d8ee503141e61cb12f4f9942697c7d94e0d0900fe9acf05b2897e423bb. Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation '. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 112k 0 0 100 112k 0 91491 0:00:01 0:00:01 --:--:-- 91491 100 112k 0 0 100 112k 0 51003 0:00:02 0:00:02 --:--:-- 51003 100 118k 0 5780 100 112k 2095 41831 0:00:02 0:00:02 --:--:-- 43943 { "scanned" : { "total" : 78, "direct" : 27, "transitive" : 51 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { } }, "sources" : { }, "recommendations" : { } } }, "licenses" : [ { "status" : { "ok" : true, "name" : "deps.dev", "code" : 200, "message" : "OK", "warnings" : { } }, "summary" : { "total" : 0, "concluded" : 61, "permissive" : 0, "weakCopyleft" : 0, "strongCopyleft" : 0, "unknown" : 0, "deprecated" : 0, "osiApproved" : 0, "fsfLibre" : 0 }, "packages" : { "pkg:apk/alpine/aom-libs@3.14.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-release@3.23.4-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/pcre@8.45-r4" : { "evidence" : [ ] }, "pkg:apk/alpine/libexpat@2.7.5-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/busybox-binsh@1.37.0-r30" : { "evidence" : [ ] }, "pkg:apk/alpine/libx11@1.8.12-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/ssl_client@1.37.0-r30" : { "evidence" : [ ] }, "pkg:apk/alpine/brotli-libs@1.2.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/tiff@4.7.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libice@1.1.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/.runtime-deps@20260617.203708" : { "evidence" : [ ] }, "pkg:apk/alpine/libxslt@1.1.43-r3" : { "evidence" : [ ] }, "pkg:apk/alpine/fontconfig@2.17.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libgcc@15.2.0-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/libyuv@0.0.1887.20251502-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libsm@1.2.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxml2@2.13.9-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libcrypto3@3.5.7-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libgd@2.3.3-r10" : { "evidence" : [ ] }, "pkg:apk/alpine/libuuid@2.41.4-r0" : { "evidence" : [ ] }, "pkg:generic/nginx@1.31.2" : { "evidence" : [ ] }, "pkg:apk/alpine/libmd@1.1.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/ca-certificates-bundle@20260413-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libbz2@1.0.8-r6" : { "evidence" : [ ] }, "pkg:apk/alpine/libapk@3.0.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libstdc%2B%2B@15.2.0-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/libbsd@0.12.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/gd@2.3.3-r10" : { "evidence" : [ ] }, "pkg:apk/alpine/libssl3@3.5.7-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxext@1.3.6-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/apk-tools@3.0.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/scanelf@1.3.8-r2" : { "evidence" : [ ] }, "pkg:oci/nginx@sha256%3Aded37838a58bf767acced3030f102a0ca25b98a5766598f5879c11cd1d5683d1" : { "evidence" : [ ] }, "pkg:apk/alpine/musl-utils@1.2.5-r23" : { "evidence" : [ ] }, "pkg:apk/alpine/ca-certificates@20260413-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libdav1d@1.5.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/zlib@1.3.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/xz-libs@5.8.3-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxcb@1.17.0-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libxau@1.0.12-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/geoip@1.6.12-r6" : { "evidence" : [ ] }, "pkg:apk/alpine/zstd-libs@1.5.7-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/libavif@1.3.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/perl@5.42.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libwebp@1.6.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libpng@1.6.58-r1" : { "evidence" : [ ] }, "pkg:github/actions/checkout@v4" : { "evidence" : [ ] }, "pkg:apk/alpine/freetype@2.14.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-baselayout-data@3.7.2-r0" : { "evidence" : [ ] }, "pkg:oci/gh-test-custom-branch-avtfyf@sha256%3Ad0b679d8ee503141e61cb12f4f9942697c7d94e0d0900fe9acf05b2897e423bb" : { "evidence" : [ ] }, "pkg:github/beatlabs/delete-old-branches-action@v0.0.10" : { "evidence" : [ ] }, "pkg:apk/alpine/busybox@1.37.0-r30" : { "evidence" : [ ] }, "pkg:apk/alpine/libjpeg-turbo@3.1.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxt@1.3.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/openssl@3.5.7-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-keys@2.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxdmcp@1.1.5-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libsharpyuv@1.6.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-baselayout@3.7.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/musl@1.2.5-r23" : { "evidence" : [ ] }, "pkg:apk/alpine/libxpm@3.5.19-r0" : { "evidence" : [ ] } } } ] } pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-tpa-scan-pod | container step-oci-attach-report: Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Attaching tpa-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:d0b679d8ee503141e61cb12f4f9942697c7d94e0d0900fe9acf05b2897e423bb [retry] executing: oras attach --no-tty --format go-template=\{\{.digest\}\} --registry-config /tmp/auth/config.json --artifact-type application/vnd.redhat.tpa-report+json quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:d0b679d8ee503141e61cb12f4f9942697c7d94e0d0900fe9acf05b2897e423bb tpa-report-amd64.json:application/vnd.redhat.tpa-report+json pod: gh-test-custom-branch-avtfyf-on-pull-request-7s68w-tpa-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/tpa-report-amd64.json", "namespace": "required_checks", "successes": 8 } ] {"vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:on-pr-a98c645eec075ce940da93e4d85d07e046228210", "digests": ["sha256:d0b679d8ee503141e61cb12f4f9942697c7d94e0d0900fe9acf05b2897e423bb"]}} {"result":"SUCCESS","timestamp":"2026-07-12T10:13:59+00:00","note":"Task tpa-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by TPA.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-init-pod | init container: prepare 2026/07/12 10:15:22 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-init-pod | container step-init: time="2026-07-12T10:15:25Z" level=info msg="[param] enable: false" time="2026-07-12T10:15:25Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-07-12T10:15:25Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-07-12T10:15:25Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-07-12T10:15:25Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-07-12T10:15:25Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-07-12T10:15:25Z" level=info msg="Cache proxy is disabled via param" time="2026-07-12T10:15:25Z" level=info msg="[result] HTTP PROXY: " time="2026-07-12T10:15:25Z" level=info msg="[result] NO PROXY: " pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-tpa-scan-pod | init container: prepare 2026/07/12 10:18:46 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-tpa-scan-pod | init container: place-scripts 2026/07/12 10:18:50 Decoded script /tekton/scripts/script-0-9fjw8 2026/07/12 10:18:50 Decoded script /tekton/scripts/script-1-kw2fz 2026/07/12 10:18:50 Decoded script /tekton/scripts/script-2-szzmf pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-tpa-scan-pod | container step-get-vulnerabilities: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:44221f8e1cb817b683616ba2a1179022a4cb9c5a0c9df289dd6a40cbed7a9ad8. Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation '. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed { "scanned" : { "total" : 78, "direct" : 27, "transitive" : 51 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { } }, "sources" : { }, "recommendations" : { } } }, "licenses" : [ { "status" : { "ok" : true, "name" : "deps.dev", "code" : 200, "message" : "OK", "warnings" : { } }, "summary" : { "total" : 0, "concluded" : 61, "permissive" : 0, "weakCopyleft" : 0, "strongCopyleft" : 0, "unknown" : 0, 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 112k 0 0 100 112k 0 91709 0:00:01 0:00:01 --:--:-- 91709 100 112k 0 0 100 112k 0 51071 0:00:02 0:00:02 --:--:-- 51071 100 118k 0 5780 100 112k 2353 46975 0:00:02 0:00:02 --:--:-- 49328 "deprecated" : 0, "osiApproved" : 0, "fsfLibre" : 0 }, "packages" : { "pkg:apk/alpine/aom-libs@3.14.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-release@3.23.4-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/pcre@8.45-r4" : { "evidence" : [ ] }, "pkg:apk/alpine/libexpat@2.7.5-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/busybox-binsh@1.37.0-r30" : { "evidence" : [ ] }, "pkg:apk/alpine/libx11@1.8.12-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/ssl_client@1.37.0-r30" : { "evidence" : [ ] }, "pkg:apk/alpine/brotli-libs@1.2.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/tiff@4.7.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libice@1.1.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxslt@1.1.43-r3" : { "evidence" : [ ] }, "pkg:apk/alpine/.runtime-deps@20260617.203708" : { "evidence" : [ ] }, "pkg:apk/alpine/fontconfig@2.17.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libgcc@15.2.0-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/libyuv@0.0.1887.20251502-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libsm@1.2.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxml2@2.13.9-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libcrypto3@3.5.7-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libgd@2.3.3-r10" : { "evidence" : [ ] }, "pkg:apk/alpine/libuuid@2.41.4-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libmd@1.1.0-r0" : { "evidence" : [ ] }, "pkg:generic/nginx@1.31.2" : { "evidence" : [ ] }, "pkg:apk/alpine/ca-certificates-bundle@20260413-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libbz2@1.0.8-r6" : { "evidence" : [ ] }, "pkg:apk/alpine/libapk@3.0.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libstdc%2B%2B@15.2.0-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/libbsd@0.12.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/gd@2.3.3-r10" : { "evidence" : [ ] }, "pkg:oci/gh-test-custom-branch-avtfyf@sha256%3A44221f8e1cb817b683616ba2a1179022a4cb9c5a0c9df289dd6a40cbed7a9ad8" : { "evidence" : [ ] }, "pkg:apk/alpine/libssl3@3.5.7-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxext@1.3.6-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/apk-tools@3.0.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/scanelf@1.3.8-r2" : { "evidence" : [ ] }, "pkg:oci/nginx@sha256%3Aded37838a58bf767acced3030f102a0ca25b98a5766598f5879c11cd1d5683d1" : { "evidence" : [ ] }, "pkg:apk/alpine/musl-utils@1.2.5-r23" : { "evidence" : [ ] }, "pkg:apk/alpine/ca-certificates@20260413-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libdav1d@1.5.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/zlib@1.3.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/xz-libs@5.8.3-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxcb@1.17.0-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libxau@1.0.12-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/geoip@1.6.12-r6" : { "evidence" : [ ] }, "pkg:apk/alpine/zstd-libs@1.5.7-r2" : { "evidence" : [ ] }, "pkg:apk/alpine/libavif@1.3.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libpng@1.6.58-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/perl@5.42.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libwebp@1.6.0-r0" : { "evidence" : [ ] }, "pkg:github/actions/checkout@v4" : { "evidence" : [ ] }, "pkg:apk/alpine/freetype@2.14.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-baselayout-data@3.7.2-r0" : { "evidence" : [ ] }, "pkg:github/beatlabs/delete-old-branches-action@v0.0.10" : { "evidence" : [ ] }, "pkg:apk/alpine/libjpeg-turbo@3.1.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/busybox@1.37.0-r30" : { "evidence" : [ ] }, "pkg:apk/alpine/libxt@1.3.1-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/openssl@3.5.7-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-keys@2.6-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/libxdmcp@1.1.5-r1" : { "evidence" : [ ] }, "pkg:apk/alpine/libsharpyuv@1.6.0-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-baselayout@3.7.2-r0" : { "evidence" : [ ] }, "pkg:apk/alpine/musl@1.2.5-r23" : { "evidence" : [ ] }, "pkg:apk/alpine/libxpm@3.5.19-r0" : { "evidence" : [ ] } } } ] } pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-tpa-scan-pod | container step-oci-attach-report: Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Attaching tpa-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:44221f8e1cb817b683616ba2a1179022a4cb9c5a0c9df289dd6a40cbed7a9ad8 [retry] executing: oras attach --no-tty --format go-template=\{\{.digest\}\} --registry-config /tmp/auth/config.json --artifact-type application/vnd.redhat.tpa-report+json quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:44221f8e1cb817b683616ba2a1179022a4cb9c5a0c9df289dd6a40cbed7a9ad8 tpa-report-amd64.json:application/vnd.redhat.tpa-report+json pod: gh-test-custom-branch-avtfyf-on-pull-request-g9568-tpa-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/tpa-report-amd64.json", "namespace": "required_checks", "successes": 8 } ] {"vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:on-pr-7f2c040f9f3be83f346f7fcf5c78e58450fea0b9", "digests": ["sha256:44221f8e1cb817b683616ba2a1179022a4cb9c5a0c9df289dd6a40cbed7a9ad8"]}} {"result":"SUCCESS","timestamp":"2026-07-12T10:19:05+00:00","note":"Task tpa-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by TPA.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | init container: prepare 2026/07/12 10:20:54 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | init container: place-scripts 2026/07/12 10:20:55 Decoded script /tekton/scripts/script-1-mfdlz 2026/07/12 10:20:55 Decoded script /tekton/scripts/script-2-4wrbq 2026/07/12 10:20:55 Decoded script /tekton/scripts/script-3-mx8vc 2026/07/12 10:20:55 Decoded script /tekton/scripts/script-4-5vkwd 2026/07/12 10:20:55 Decoded script /tekton/scripts/script-5-7wtxc pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Executing: oras blob fetch --registry-config /tmp/use-oci.sh.PNC7Js/auth-30hrSE.json quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:47d58377c5a03e9cd29938824e63cd80e59fb4c65a9a65465a55647d7bac75b3 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:47d58377c5a03e9cd29938824e63cd80e59fb4c65a9a65465a55647d7bac75b3 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | container step-build: [2026-07-12T10:20:59,812639027+00:00] Validate context path [2026-07-12T10:20:59,816163791+00:00] Update CA trust [2026-07-12T10:20:59,817169217+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-07-12T10:21:03,652217089+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-07-12T10:21:03,659672029+00:00] Prepare system (architecture: x86_64) [2026-07-12T10:21:03,674474544+00:00] Setup prefetched Trying to pull quay.io/jitesoft/nginx:latest... Getting image source signatures Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:6a0ac1617861a677b045b7ff88545213ec31c0ff08763195a70a4a5adda577bb Copying blob sha256:4081b01e3ee87137f6bb66bae8bb45f3d2757070790f021b4ad16276cce78d44 Copying blob sha256:5358b7a82908daa068e7d9d6d1e7949b2d8a9bd1d2e0f1347100ea5f84dab9b8 Copying config sha256:7656d80b49508e78f7faa9f30df28ab7f320efe9099880e78f1a699374ee0b61 Writing manifest to image destination [2026-07-12T10:21:07,694940460+00:00] Unsetting proxy { "com.jitesoft.app.alpine.version": "3.23.4", "com.jitesoft.app.nginx.version": "1.31.2", "com.jitesoft.build.arch": "amd64", "com.jitesoft.build.platform": "linux/amd64", "com.jitesoft.project.registry.uri": "registry.gitlab.com/jitesoft/dockerfiles/nginx", "com.jitesoft.project.repo.issues": "https://gitlab.com/jitesoft/dockerfiles/nginx/issues", "com.jitesoft.project.repo.type": "git", "com.jitesoft.project.repo.uri": "https://gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.alternative-locations": "oci://index.docker.io/jitesoft/nginx,oci://ghcr.io/jitesoft/nginx,oci://registry.gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.logo-url": "https://jitesoft.com/favicon-96x96.png", "io.artifacthub.package.readme-url": "https://gitlab.com/jitesoft/dockerfiles/nginx/-/raw/master/README.md", "maintainer": "Johannes Tegnér ", "maintainer.org": "Jitesoft", "maintainer.org.uri": "https://jitesoft.com", "org.opencontainers.image.created": "2026-07-12T10:21:03Z", "org.opencontainers.image.description": "Nginx on Alpine linux", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-qbnzuj", "org.opencontainers.image.vendor": "Jitesoft", "org.opencontainers.image.version": "1.31.2", "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "78f91720f3430978801e1dbec716fb511cdd97b1", "org.opencontainers.image.revision": "78f91720f3430978801e1dbec716fb511cdd97b1", "build-date": "2026-07-12T10:21:03Z", "io.buildah.version": "1.42.2", "konflux.additional-tags": "test-tag1, test-tag2" } [2026-07-12T10:21:07,760854907+00:00] Register sub-man Adding the entitlement to the build [2026-07-12T10:21:07,763874884+00:00] Add secrets [2026-07-12T10:21:07,775467218+00:00] Run buildah build [2026-07-12T10:21:07,776495061+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=78f91720f3430978801e1dbec716fb511cdd97b1 --label org.opencontainers.image.revision=78f91720f3430978801e1dbec716fb511cdd97b1 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-qbnzuj --label build-date=2026-07-12T10:21:03Z --label org.opencontainers.image.created=2026-07-12T10:21:03Z --annotation org.opencontainers.image.revision=78f91720f3430978801e1dbec716fb511cdd97b1 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-qbnzuj --annotation org.opencontainers.image.created=2026-07-12T10:21:03Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.bTfwYP -t quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 . STEP 1/6: FROM quay.io/jitesoft/nginx:latest STEP 2/6: ENV PORT="8080" STEP 3/6: LABEL konflux.additional-tags="test-tag1, test-tag2" STEP 4/6: COPY labels.json /usr/share/buildinfo/labels.json STEP 5/6: COPY labels.json /root/buildinfo/labels.json STEP 6/6: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="78f91720f3430978801e1dbec716fb511cdd97b1" "org.opencontainers.image.revision"="78f91720f3430978801e1dbec716fb511cdd97b1" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-qbnzuj" "build-date"="2026-07-12T10:21:03Z" "org.opencontainers.image.created"="2026-07-12T10:21:03Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 time="2026-07-12T10:21:08Z" level=warning msg="HEALTHCHECK is not supported for OCI image format and will be ignored. Must use `docker` format" --> 659bd195e642 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 659bd195e64237ccec52c5740c60a06326d0669c164abdcbd4f54ae722c07832 [2026-07-12T10:21:09,088362996+00:00] Unsetting proxy [2026-07-12T10:21:09,089565884+00:00] Add metadata Recording base image digests used quay.io/jitesoft/nginx:latest quay.io/jitesoft/nginx:latest@sha256:ded37838a58bf767acced3030f102a0ca25b98a5766598f5879c11cd1d5683d1 Getting image source signatures Copying blob sha256:511dad6b1f782c8f464519bb2934e7dc416b01209d9af4fe393b11ac1623e06a Copying blob sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 Copying blob sha256:6c2e89a5218b291f880e8a13c6b71a79bf3c69e22655599f76311afee14e4abe Copying blob sha256:76335936023d155688d0d6c8dfa28f1a44a5b1ed8cc930329ad83ab20f7100f1 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:659bd195e64237ccec52c5740c60a06326d0669c164abdcbd4f54ae722c07832 Writing manifest to image destination [2026-07-12T10:21:11,623860758+00:00] End build pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | container step-push: [2026-07-12T10:21:12,392014651+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-07-12T10:21:32,581464672+00:00] Convert image [2026-07-12T10:21:32,582616996+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 docker://quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container Getting image source signatures Copying blob sha256:511dad6b1f782c8f464519bb2934e7dc416b01209d9af4fe393b11ac1623e06a Copying blob sha256:6c2e89a5218b291f880e8a13c6b71a79bf3c69e22655599f76311afee14e4abe Copying blob sha256:76335936023d155688d0d6c8dfa28f1a44a5b1ed8cc930329ad83ab20f7100f1 Copying blob sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:659bd195e64237ccec52c5740c60a06326d0669c164abdcbd4f54ae722c07832 Writing manifest to image destination [2026-07-12T10:21:41,563436380+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /var/workdir/image-digest quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 docker://quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 Getting image source signatures Copying blob sha256:511dad6b1f782c8f464519bb2934e7dc416b01209d9af4fe393b11ac1623e06a Copying blob sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 Copying blob sha256:6c2e89a5218b291f880e8a13c6b71a79bf3c69e22655599f76311afee14e4abe Copying blob sha256:76335936023d155688d0d6c8dfa28f1a44a5b1ed8cc930329ad83ab20f7100f1 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:659bd195e64237ccec52c5740c60a06326d0669c164abdcbd4f54ae722c07832 Writing manifest to image destination sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11aquay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-07-12T10:21:44,986146027+00:00] End push pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | container step-sbom-syft-generate: [2026-07-12T10:21:45,475909629+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-07-12T10:21:57,024762775+00:00] End sbom-syft-generate pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | container step-prepare-sboms: [2026-07-12T10:21:58,006763726+00:00] Prepare SBOM [2026-07-12T10:21:58,081623025+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-07-12 10:22:09,585 [INFO] mobster.log: Logging level set to 20 2026-07-12 10:22:09,979 [INFO] mobster.oci: Fetching manifest for quay.io/jitesoft/nginx@sha256:ded37838a58bf767acced3030f102a0ca25b98a5766598f5879c11cd1d5683d1 2026-07-12 10:22:11,922 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:12,659 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:14,168 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:14,875 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:16,355 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:17,099 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:18,702 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:19,532 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:c9318c69e6dabcd1e6825b2e24432a30289a25390b9492f506ef74185ff4a6b5 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-07-12 10:22:19,532 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-07-12 10:22:19,532 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-07-12 10:22:19,532 [INFO] mobster.log: Contextual workflow completed in 9.65s 2026-07-12 10:22:19,540 [INFO] mobster.main: Exiting with code 0. [2026-07-12T10:22:20,181547381+00:00] End prepare-sboms pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-build-container-pod | container step-upload-sbom: [2026-07-12T10:22:20,345032551+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1@sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a] to [quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:sha256-90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:7ac5662011b37d79d6ba1f0a3fa6f27ae3fc71977312ed2049b2ac8c07fa424c [2026-07-12T10:22:43,620257961+00:00] End upload-sbom pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-clone-repository-pod | init container: prepare 2026/07/12 10:20:08 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-clone-repository-pod | init container: place-scripts 2026/07/12 10:20:09 Decoded script /tekton/scripts/script-0-7wl87 2026/07/12 10:20:09 Decoded script /tekton/scripts/script-1-27585 pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1783851611.3210933,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1783851611.663148,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-qbnzuj @ 78f91720f3430978801e1dbec716fb511cdd97b1 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1783851611.663201,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1783851611.686282,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision 78f91720f3430978801e1dbec716fb511cdd97b1 directly. pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-clone-repository-pod | container step-symlink-check: Running symlink check pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-clone-repository-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:47d58377c5a03e9cd29938824e63cd80e59fb4c65a9a65465a55647d7bac75b3) Using token for quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf Executing: oras push --registry-config /tmp/create-oci.sh.nRayxF/auth-tbz7eo.json quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1.git SOURCE_ARTIFACT Uploading 47d58377c5a0 SOURCE_ARTIFACT Uploaded 47d58377c5a0 SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:2ee1067a9deba64e2010db23e65d0c215ccfb155fd127568756dfe523f4aca4f Artifacts created pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-init-pod | init container: prepare 2026/07/12 10:20:03 Entrypoint initialization pod: gh-test-custom-branch-avtfyf-on-push-zdjw6-init-pod | container step-init: time="2026-07-12T10:20:06Z" level=info msg="[param] enable: false" time="2026-07-12T10:20:06Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-07-12T10:20:06Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-07-12T10:20:06Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-07-12T10:20:06Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-07-12T10:20:06Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-07-12T10:20:06Z" level=info msg="Cache proxy is disabled via param" time="2026-07-12T10:20:06Z" level=info msg="[result] HTTP PROXY: " time="2026-07-12T10:20:06Z" level=info msg="[result] NO PROXY: " pod: gh-test-custom-branch-avtfyf38f6ac70cf9f92d3d397faef7bee98b-pod | init container: prepare 2026/07/12 10:23:00 Entrypoint initialization pod: gh-test-custom-branch-avtfyf38f6ac70cf9f92d3d397faef7bee98b-pod | init container: place-scripts 2026/07/12 10:23:08 Decoded script /tekton/scripts/script-0-b942c 2026/07/12 10:23:09 Decoded script /tekton/scripts/script-1-55cz5 2026/07/12 10:23:09 Decoded script /tekton/scripts/script-2-vw74c pod: gh-test-custom-branch-avtfyf38f6ac70cf9f92d3d397faef7bee98b-pod | container step-build: [2026-07-12T10:23:27,878206659+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-07-12T10:23:31Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1" time="2026-07-12T10:23:31Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1@sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a]" time="2026-07-12T10:23:31Z" level=info msg="[param] buildah-format: docker" time="2026-07-12T10:23:31Z" level=info msg="[param] always-build-index: false" time="2026-07-12T10:23:31Z" level=info msg="[param] additional-tags: [gh-test-custom-branch-avtfyf-on-push-zdjw6-build-image-index]" time="2026-07-12T10:23:31Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-07-12T10:23:31Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-07-12T10:23:31Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-07-12T10:23:31Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-07-12T10:23:31Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-07-12T10:23:31Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1" time="2026-07-12T10:23:32Z" level=info msg="buildah [stdout] b2b6e45600e2982e95689f71d82a30a8eeb1348bc693f791c5c66c3e2ad2a47d" logger=CliExecutor time="2026-07-12T10:23:32Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a","image_url":"quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf:78f91720f3430978801e1dbec716fb511cdd97b1","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a","images":"quay.io/redhat-appstudio-qe/build-e2e-wzrj/gh-test-custom-branch-avtfyf@sha256:90d3b50d70e2b3a8707b981c212f74119795de2766a62443ee30e09fc207a11a"} pod: gh-test-custom-branch-avtfyf38f6ac70cf9f92d3d397faef7bee98b-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: gh-test-custom-branch-avtfyf38f6ac70cf9f92d3d397faef7bee98b-pod | container step-upload-sbom: [2026-07-12T10:23:33,694088760+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload...