pod: python-component-wdzmqh-on-126153814c70cd597a407086da7973c1-pod | init container: prepare 2025/12/19 18:05:41 Entrypoint initialization pod: python-component-wdzmqh-on-126153814c70cd597a407086da7973c1-pod | init container: place-scripts 2025/12/19 18:05:44 Decoded script /tekton/scripts/script-0-kvdbt 2025/12/19 18:05:44 Decoded script /tekton/scripts/script-1-r8l8z pod: python-component-wdzmqh-on-126153814c70cd597a407086da7973c1-pod | init container: working-dir-initializer pod: python-component-wdzmqh-on-126153814c70cd597a407086da7973c1-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: python-component-wdzmqh INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2025-12-19T18:06:07+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: python-component-wdzmqh-on-126153814c70cd597a407086da7973c1-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: python-component-wdzmqh-on-1d0c741fd413ab3ea3e1dd2fb61b13e0-pod | init container: prepare 2025/12/19 18:05:45 Entrypoint initialization pod: python-component-wdzmqh-on-1d0c741fd413ab3ea3e1dd2fb61b13e0-pod | init container: place-scripts 2025/12/19 18:05:48 Decoded script /tekton/scripts/script-0-gkg6q 2025/12/19 18:05:48 Decoded script /tekton/scripts/script-1-dk2xr pod: python-component-wdzmqh-on-1d0c741fd413ab3ea3e1dd2fb61b13e0-pod | init container: working-dir-initializer pod: python-component-wdzmqh-on-1d0c741fd413ab3ea3e1dd2fb61b13e0-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=python-component-wdzmqh + echo 'INFO: The PROJECT_NAME used is: python-component-wdzmqh' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' INFO: The PROJECT_NAME used is: python-component-wdzmqh INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-100.json ./shellcheck-results/sc-119.json ./shellcheck-results/sc-130.json ./shellcheck-results/sc-131.json ./shellcheck-results/sc-133.json ./shellcheck-results/sc-86.json ./shellcheck-results/sc-89.json ./shellcheck-results/sc-91.json ./shellcheck-results/sc-94.json ./shellcheck-results/sc-97.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json ShellCheck results have been saved to shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + note='Task sast-shell-check completed successfully.' ++ make_result_json -r SUCCESS -t 'Task sast-shell-check completed successfully.' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-shell-check completed successfully.' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-12-19T18:06:09+00:00 --arg result SUCCESS --arg note 'Task sast-shell-check completed successfully.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-19T18:06:09+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-12-19T18:06:09+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-19T18:06:09+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-12-19T18:06:09+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-12-19T18:06:09+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: python-component-wdzmqh-on-1d0c741fd413ab3ea3e1dd2fb61b13e0-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh Attaching to quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183@sha256:579e921c3398ea8bc3531399fd5d4d4f74184e23bc96dbc89f7da4439c94efe1 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Uploading 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 3b606a9dd3a1 shellcheck-results.sarif Uploaded 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 4ccb2f98594c application/vnd.oci.image.manifest.v1+json Uploaded 4ccb2f98594c application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183@sha256:579e921c3398ea8bc3531399fd5d4d4f74184e23bc96dbc89f7da4439c94efe1 Digest: sha256:4ccb2f98594cbf12b1d9fde323efece8d0837ecb89a779a2d31dde6f4790b51f No excluded-findings.json exists. Skipping upload. pod: python-component-wdzmqh-on-418f2aec96ebcd18db7b3ce732efb13e-pod | init container: prepare 2025/12/19 18:05:02 Entrypoint initialization pod: python-component-wdzmqh-on-418f2aec96ebcd18db7b3ce732efb13e-pod | init container: place-scripts 2025/12/19 18:05:06 Decoded script /tekton/scripts/script-0-xcrgl 2025/12/19 18:05:06 Decoded script /tekton/scripts/script-1-rs6xg 2025/12/19 18:05:06 Decoded script /tekton/scripts/script-2-qt4qs pod: python-component-wdzmqh-on-418f2aec96ebcd18db7b3ce732efb13e-pod | container step-build: [2025-12-19T18:05:12,801987162+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' 740655948a46b9b552da959baa494c884f20842c6d62f9cb3cc279864a92c078 Skipping image index generation. Returning results for quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh@sha256:579e921c3398ea8bc3531399fd5d4d4f74184e23bc96dbc89f7da4439c94efe1. pod: python-component-wdzmqh-on-418f2aec96ebcd18db7b3ce732efb13e-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: python-component-wdzmqh-on-418f2aec96ebcd18db7b3ce732efb13e-pod | container step-upload-sbom: [2025-12-19T18:05:16,951096497+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | init container: prepare 2025/12/19 18:02:24 Entrypoint initialization pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | init container: place-scripts 2025/12/19 18:02:24 Decoded script /tekton/scripts/script-0-9zmtq 2025/12/19 18:02:24 Decoded script /tekton/scripts/script-1-79z9m 2025/12/19 18:02:24 Decoded script /tekton/scripts/script-2-fs4sd 2025/12/19 18:02:24 Decoded script /tekton/scripts/script-3-sv5gh 2025/12/19 18:02:24 Decoded script /tekton/scripts/script-4-shfbr pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | init container: working-dir-initializer pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | container step-build: [2025-12-19T18:02:29,982504005+00:00] Validate context path [2025-12-19T18:02:29,986220874+00:00] Update CA trust [2025-12-19T18:02:29,987466558+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-12-19T18:02:32,350108451+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-12-19T18:02:32,358616842+00:00] Prepare system (architecture: x86_64) [2025-12-19T18:02:42,152300075+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-39:1-117.1684741281... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:8a2e9815396eaa57b0dfe27b2dfc442417f06aa70974c358f198980b533c7942 Copying blob sha256:a07d808ddf4404b3885fef6100142a973cc667b2c3c4abcf4db96508795b1efb Copying blob sha256:085efe85e9dfb0b3d5d2392e4b78660a3091bf1ded336315117a627fbdd0567d Copying blob sha256:5465449a2ea5d8a7e05fa498c8ba35f0ce7714b0ad37e716961fca17dfa1ef13 Copying config sha256:45c8f23c11bb64f238236aaf5cbe05595778e1d4fb6c06109c6fcc0a6b57a45b Writing manifest to image destination Storing signatures [2025-12-19T18:03:13,544672576+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2025-12-19T18:02:42Z", "com.redhat.component": "python-39-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.41.4", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-39", "io.k8s.description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.9", "io.openshift.expose-services": "8080:http", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,python,python39,python-39,rh-python39", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-39", "release": "117.1684741281", "summary": "Platform for building and running Python 3.9 applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/python-39/images/1-117.1684741281", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.9/test/setup-test-app/ ubi9/python-39 python-sample-app", "vcs-ref": "a22da631aa6d9544d3f3a938da0d4c7cea9ab183", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1", "org.opencontainers.image.revision": "a22da631aa6d9544d3f3a938da0d4c7cea9ab183", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2025-12-19T18:02:42Z" } [2025-12-19T18:03:13,590693537+00:00] Register sub-man Adding the entitlement to the build [2025-12-19T18:03:13,594600157+00:00] Add secrets [2025-12-19T18:03:13,707119156+00:00] Run buildah build [2025-12-19T18:03:13,708314204+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=a22da631aa6d9544d3f3a938da0d4c7cea9ab183 --label org.opencontainers.image.revision=a22da631aa6d9544d3f3a938da0d4c7cea9ab183 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2025-12-19T18:02:42Z --label org.opencontainers.image.created=2025-12-19T18:02:42Z --annotation org.opencontainers.image.revision=a22da631aa6d9544d3f3a938da0d4c7cea9ab183 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2025-12-19T18:02:42Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.vkzsL2 -t quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-39:1-117.1684741281 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 Downloading flask-2.3.3-py3-none-any.whl (96 kB) Collecting importlib-metadata>=3.6.0 Downloading importlib_metadata-8.7.0-py3-none-any.whl (27 kB) Collecting blinker>=1.6.2 Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting Jinja2>=3.1.2 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting Werkzeug>=2.3.7 Downloading werkzeug-3.1.4-py3-none-any.whl (224 kB) Collecting itsdangerous>=2.1.2 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting click>=8.1.3 Downloading click-8.1.8-py3-none-any.whl (98 kB) Collecting zipp>=3.20 Downloading zipp-3.23.0-py3-none-any.whl (10 kB) Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (20 kB) Installing collected packages: zipp, MarkupSafe, Werkzeug, Jinja2, itsdangerous, importlib-metadata, click, blinker, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.4 blinker-1.9.0 click-8.1.8 importlib-metadata-8.7.0 itsdangerous-2.2.0 zipp-3.23.0 WARNING: You are using pip version 21.3.1; however, version 25.3 is available. You should consider upgrading via the '/opt/app-root/bin/python3.9 -m pip install --upgrade pip' command. STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="a22da631aa6d9544d3f3a938da0d4c7cea9ab183" "org.opencontainers.image.revision"="a22da631aa6d9544d3f3a938da0d4c7cea9ab183" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2025-12-19T18:02:42Z" "org.opencontainers.image.created"="2025-12-19T18:02:42Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 --> 4a00c6dda228 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 4a00c6dda22876433e2e9d53895a63d38bd0b72124507115c2f113780ae7eea2 [2025-12-19T18:03:51,081726425+00:00] Unsetting proxy [2025-12-19T18:03:51,083234339+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-39:1-117.1684741281 registry.access.redhat.com/ubi9/python-39:1-117.1684741281@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee Getting image source signatures Copying blob sha256:574aa27c6df7a1c8d7e11d5278063252b6a789b93fe4585f13072e1dd3545e59 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying config sha256:4a00c6dda22876433e2e9d53895a63d38bd0b72124507115c2f113780ae7eea2 Writing manifest to image destination [2025-12-19T18:03:58,100105480+00:00] End build pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | container step-push: [2025-12-19T18:03:58,115591194+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-12-19T18:04:00,253664701+00:00] Convert image [2025-12-19T18:04:00,254833125+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:python-component-wdzmqh-on-pull-request-8g8s6-build-container Executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 docker://quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:python-component-wdzmqh-on-pull-request-8g8s6-build-container [2025-12-19T18:04:18,624665578+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 Executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 docker://quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 sha256:579e921c3398ea8bc3531399fd5d4d4f74184e23bc96dbc89f7da4439c94efe1quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183 [2025-12-19T18:04:20,857026491+00:00] End push pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | container step-sbom-syft-generate: [2025-12-19T18:04:21,260120368+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2025-12-19T18:04:38,788636983+00:00] End sbom-syft-generate pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | container step-prepare-sboms: [2025-12-19T18:04:39,428318337+00:00] Prepare SBOM [2025-12-19T18:04:39,432676726+00:00] Generate SBOM with mobster Skipping SBOM validation 2025-12-19 18:04:40,930 [INFO] mobster.log: Logging level set to 20 2025-12-19 18:04:41,395 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/python-39@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee 2025-12-19 18:04:47,920 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2025-12-19 18:04:47,920 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2025-12-19 18:04:47,922 [INFO] mobster.log: Contextual workflow completed in 6.63s 2025-12-19 18:04:48,072 [INFO] mobster.main: Exiting with code 0. [2025-12-19T18:04:48,146707967+00:00] End prepare-sboms pod: python-component-wdzmqh-on-579a16d5a0e25a9e8c25e2449321addc-pod | container step-upload-sbom: [2025-12-19T18:04:48,568902497+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh:on-pr-a22da631aa6d9544d3f3a938da0d4c7cea9ab183@sha256:579e921c3398ea8bc3531399fd5d4d4f74184e23bc96dbc89f7da4439c94efe1 quay.io/redhat-appstudio-qe/build-e2e-fpoh/python-component-wdzmqh@sha256:c43c41bde83a65862149ff67549b9de7094860399d1f5cf07c1d1ae677ad0f0b [2025-12-19T18:04:53,093761131+00:00] End upload-sbom pod: python-component-wdzmqh-on-abd2e3ed8b3801f9c99af0f2490eb4f7-pod | init container: prepare 2025/12/19 18:01:57 Entrypoint initialization pod: python-component-wdzmqh-on-abd2e3ed8b3801f9c99af0f2490eb4f7-pod | init container: place-scripts 2025/12/19 18:02:03 Decoded script /tekton/scripts/script-0-r469m 2025/12/19 18:02:03 Decoded script /tekton/scripts/script-1-frzcg pod: python-component-wdzmqh-on-abd2e3ed8b3801f9c99af0f2490eb4f7-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1766167329.7992787,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1766167331.0784726,"caller":"git/git.go:218","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ a22da631aa6d9544d3f3a938da0d4c7cea9ab183 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1766167331.07885,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1766167331.104639,"caller":"git/git.go:267","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision a22da631aa6d9544d3f3a938da0d4c7cea9ab183 directly. pod: python-component-wdzmqh-on-abd2e3ed8b3801f9c99af0f2490eb4f7-pod | container step-symlink-check: Running symlink check pod: python-component-wdzmqh-on-d8d1aac34df556bfe6bbe899c46d1ea8-pod | init container: prepare failed to try resolving symlinks in path "/var/log/pods/build-e2e-fpoh_python-component-wdzmqh-on-d8d1aac34df556bfe6bbe899c46d1ea8-pod_93471dba-0c69-46c0-b006-00ffadae43c0/prepare/0.log": lstat /var/log/pods/build-e2e-fpoh_python-component-wdzmqh-on-d8d1aac34df556bfe6bbe899c46d1ea8-pod_93471dba-0c69-46c0-b006-00ffadae43c0/prepare/0.log: no such file or directory pod: python-component-wdzmqh-on-d8d1aac34df556bfe6bbe899c46d1ea8-pod | init container: place-scripts