pod: go-component-ynanlm-on-pull-request-6f4lz-apply-tags-pod | init container: prepare 2025/11/04 09:38:12 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-apply-tags-pod | init container: place-scripts 2025/11/04 09:38:27 Decoded script /tekton/scripts/script-0-rhmcx 2025/11/04 09:38:27 Decoded script /tekton/scripts/script-1-xg2d9 pod: go-component-ynanlm-on-pull-request-6f4lz-apply-tags-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: go-component-ynanlm-on-pull-request-6f4lz-apply-tags-pod | container step-apply-additional-tags-from-image-label: No additional tags specified in the image labels pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | init container: prepare 2025/11/04 09:35:10 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | init container: place-scripts 2025/11/04 09:35:11 Decoded script /tekton/scripts/script-0-j4rxk 2025/11/04 09:35:11 Decoded script /tekton/scripts/script-1-l8zvz 2025/11/04 09:35:11 Decoded script /tekton/scripts/script-2-lqblv 2025/11/04 09:35:11 Decoded script /tekton/scripts/script-3-8lk58 2025/11/04 09:35:11 Decoded script /tekton/scripts/script-4-mh6r7 pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | init container: working-dir-initializer pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | container step-build: [2025-11-04T09:35:49,028531185+00:00] Validate context path [2025-11-04T09:35:49,033150293+00:00] Update CA trust [2025-11-04T09:35:49,034582088+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-11-04T09:35:51,662519814+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-11-04T09:35:51,671536580+00:00] Prepare system (architecture: x86_64) [2025-11-04T09:35:51,758356215+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3 Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4 Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83 Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09 Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301 Writing manifest to image destination Storing signatures [2025-11-04T09:36:09,584250045+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2025-11-04T09:35:51Z", "com.redhat.component": "go-toolset-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "distribution-scope": "public", "io.buildah.version": "1.41.4", "io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "io.k8s.display-name": "Go 1.18.9", "io.openshift.expose-services": "", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,golang,golang118,rh-golang118,go", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "Red Hat, Inc.", "name": "rhel9/go-toolset", "release": "14", "summary": "Platform for building and running Go Applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14", "vcs-ref": "48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.18.9", "org.opencontainers.image.revision": "48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d" } [2025-11-04T09:36:09,638962558+00:00] Register sub-man Adding the entitlement to the build [2025-11-04T09:36:09,643428672+00:00] Add secrets [2025-11-04T09:36:09,663323372+00:00] Run buildah build [2025-11-04T09:36:09,664891060+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 --label org.opencontainers.image.revision=48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2025-11-04T09:35:51Z --annotation org.opencontainers.image.revision=48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.LgyZYt -t quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 . STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 STEP 2/10: COPY . . STEP 3/10: RUN go mod download go: no module dependencies to download STEP 4/10: RUN go build -o ./main STEP 5/10: ENV PORT 8081 STEP 6/10: EXPOSE 8081 STEP 7/10: CMD [ "./main" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05" "org.opencontainers.image.revision"="48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2025-11-04T09:35:51Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 --> b389e219cf40 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 b389e219cf40d75087221ee94a18fa2e3c9925b49657939d8a87085e47d7d89c [2025-11-04T09:36:12,175603816+00:00] Unsetting proxy [2025-11-04T09:36:12,177206481+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 Getting image source signatures Copying blob sha256:5a887cf97146b20c99bef4ed9f6124cf6ee35bb39b4013a8206dc1ed529dfbd8 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying config sha256:b389e219cf40d75087221ee94a18fa2e3c9925b49657939d8a87085e47d7d89c Writing manifest to image destination [2025-11-04T09:36:20,919648134+00:00] End build pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | container step-push: [2025-11-04T09:36:21,186446389+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-11-04T09:36:23,930253121+00:00] Convert image [2025-11-04T09:36:23,931616420+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:go-component-ynanlm-on-pull-request-6f4lz-build-container Executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 docker://quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:go-component-ynanlm-on-pull-request-6f4lz-build-container [2025-11-04T09:36:43,520754868+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 Executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 docker://quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 [2025-11-04T09:36:46,378694032+00:00] End push pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | container step-sbom-syft-generate: [2025-11-04T09:36:46,560981094+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2025-11-04T09:37:06,537927630+00:00] End sbom-syft-generate pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | container step-prepare-sboms: [2025-11-04T09:37:07,369954331+00:00] Prepare SBOM [2025-11-04T09:37:07,374703032+00:00] Generate SBOM with mobster 2025-11-04 09:37:16,912 [INFO] mobster.log: Logging level set to 20 2025-11-04 09:37:18,080 [INFO] mobster.main: Exiting with code 0. [2025-11-04T09:37:18,175656766+00:00] End prepare-sboms pod: go-component-ynanlm-on-pull-request-6f4lz-build-container-pod | container step-upload-sbom: [2025-11-04T09:37:18,972687242+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm@sha256:65531b60473047572156402cb2e7f30c6f343c189853f653404f9060fa5f2c95 [2025-11-04T09:37:24,235642364+00:00] End upload-sbom pod: go-component-ynanlm-on-pull-request-6f4lz-build-image-index-pod | init container: prepare 2025/11/04 09:37:29 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-build-image-index-pod | init container: place-scripts 2025/11/04 09:37:30 Decoded script /tekton/scripts/script-0-cmd4k 2025/11/04 09:37:30 Decoded script /tekton/scripts/script-1-skfd8 2025/11/04 09:37:30 Decoded script /tekton/scripts/script-2-8flbr pod: go-component-ynanlm-on-pull-request-6f4lz-build-image-index-pod | container step-build: 58f97f2a2190bfb6bc95e2b885be5d4b4c063d2283df4169deb58a6786d392dd Skipping image index generation. Returning results for quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09. pod: go-component-ynanlm-on-pull-request-6f4lz-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: go-component-ynanlm-on-pull-request-6f4lz-build-image-index-pod | container step-upload-sbom: The index.spdx.json file does not exists. Skipping the SBOM upload... pod: go-component-ynanlm-on-pull-request-6f4lz-clamav-scan-pod | init container: prepare 2025/11/04 09:38:05 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-clamav-scan-pod | init container: place-scripts 2025/11/04 09:38:12 Decoded script /tekton/scripts/script-0-zt87m 2025/11/04 09:38:12 Decoded script /tekton/scripts/script-1-zmkx8 pod: go-component-ynanlm-on-pull-request-6f4lz-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Extracting image(s). Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 33.843 sec (0 m 33 s) Start Date: 2025:11:04 09:39:05 End Date: 2025:11:04 09:39:39 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27812/Mon Nov 3 10:44:22 2025 Database version: 27812 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1762249179","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1762249179","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1762249179","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "digests": ["sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09"]}} pod: go-component-ynanlm-on-pull-request-6f4lz-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm Attaching to quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading d3f08f7d3e0d clamscan-ec-test-amd64.json Uploading 28c7b6fc443a clamscan-result-amd64.log Uploaded 28c7b6fc443a clamscan-result-amd64.log Uploaded d3f08f7d3e0d clamscan-ec-test-amd64.json Uploading 63124e455c67 application/vnd.oci.image.manifest.v1+json Uploaded 63124e455c67 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 Digest: sha256:63124e455c6767d0ef17133ef8760a188d252c51e1a2d4b8d5b501e4a768545a pod: go-component-ynanlm-on-pull-request-6f4lz-clone-repository-pod | init container: prepare 2025/11/04 09:34:28 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-clone-repository-pod | init container: place-scripts 2025/11/04 09:34:28 Decoded script /tekton/scripts/script-0-n9wqt 2025/11/04 09:34:28 Decoded script /tekton/scripts/script-1-xw628 pod: go-component-ynanlm-on-pull-request-6f4lz-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1762248877.776547,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1762248878.2623088,"caller":"git/git.go:218","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1762248878.2623577,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1762248878.2964547,"caller":"git/git.go:267","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 directly. pod: go-component-ynanlm-on-pull-request-6f4lz-clone-repository-pod | container step-symlink-check: Running symlink check pod: go-component-ynanlm-on-pull-request-6f4lz-init-pod | init container: prepare 2025/11/04 09:34:19 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-init-pod | init container: place-scripts 2025/11/04 09:34:19 Decoded script /tekton/scripts/script-0-dcrkx pod: go-component-ynanlm-on-pull-request-6f4lz-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 Determine if Image Already Exists pod: go-component-ynanlm-on-pull-request-6f4lz-push-dockerfile-pod | init container: prepare 2025/11/04 09:38:21 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-push-dockerfile-pod | init container: place-scripts 2025/11/04 09:38:27 Decoded script /tekton/scripts/script-0-kfglq pod: go-component-ynanlm-on-pull-request-6f4lz-push-dockerfile-pod | init container: working-dir-initializer pod: go-component-ynanlm-on-pull-request-6f4lz-push-dockerfile-pod | container step-push: [2025-11-04T09:38:36,454525497+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 Using token for quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.os6DbKrV4c --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:sha256-56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09.dockerfile Dockerfile pod: go-component-ynanlm-on-pull-request-6f4lz-sast-snyk-check-pod | init container: prepare 2025/11/04 09:37:56 Entrypoint initialization pod: go-component-ynanlm-on-pull-request-6f4lz-sast-snyk-check-pod | init container: place-scripts 2025/11/04 09:38:08 Decoded script /tekton/scripts/script-0-w8s86 2025/11/04 09:38:08 Decoded script /tekton/scripts/script-1-2m7zb pod: go-component-ynanlm-on-pull-request-6f4lz-sast-snyk-check-pod | init container: working-dir-initializer pod: go-component-ynanlm-on-pull-request-6f4lz-sast-snyk-check-pod | container step-sast-snyk-check: The PROJECT_NAME used is: go-component-ynanlm INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2025-11-04T09:38:35+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: go-component-ynanlm-on-pull-request-6f4lz-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: go-component-ynanlm-on-pull145d585767bbdc7e67fac84abcc9be85-pod | init container: prepare 2025/11/04 09:34:44 Entrypoint initialization pod: go-component-ynanlm-on-pull145d585767bbdc7e67fac84abcc9be85-pod | init container: place-scripts 2025/11/04 09:34:44 Decoded script /tekton/scripts/script-0-876hr 2025/11/04 09:34:44 Decoded script /tekton/scripts/script-1-5759n pod: go-component-ynanlm-on-pull145d585767bbdc7e67fac84abcc9be85-pod | container step-sanitize-config-file-with-yq: pod: go-component-ynanlm-on-pull145d585767bbdc7e67fac84abcc9be85-pod | container step-prefetch-dependencies: No prefetch will be performed because no input was provided pod: go-component-ynanlm-on-pull1f44a0de05e23e517a94d6d3d8869996-pod | init container: prepare 2025/11/04 09:38:08 Entrypoint initialization pod: go-component-ynanlm-on-pull1f44a0de05e23e517a94d6d3d8869996-pod | init container: place-scripts 2025/11/04 09:38:24 Decoded script /tekton/scripts/script-0-tcqzv 2025/11/04 09:38:24 Decoded script /tekton/scripts/script-1-4vlpn pod: go-component-ynanlm-on-pull1f44a0de05e23e517a94d6d3d8869996-pod | init container: working-dir-initializer pod: go-component-ynanlm-on-pull1f44a0de05e23e517a94d6d3d8869996-pod | container step-sast-unicode-check: + . /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=go-component-ynanlm + echo 'INFO: The PROJECT_NAME used is: go-component-ynanlm' + SCAN_PROP= + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors INFO: The PROJECT_NAME used is: go-component-ynanlm INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ echo https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 ++ awk -F# '{print $1}' + GIT_URL=https://github.com/siddhesh/find-unicode-control.git ++ echo https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 ++ awk -F# '{print $2}' + REV=c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + git clone https://github.com/siddhesh/find-unicode-control.git find-unicode-control Cloning into 'find-unicode-control'... + [[ -n c2accbfbba7553a8bc1ebd97089ae08ad8347e58 ]] + git -C ./find-unicode-control/ checkout c2accbfbba7553a8bc1ebd97089ae08ad8347e58 Note: switching to 'c2accbfbba7553a8bc1ebd97089ae08ad8347e58'. You are in 'detached HEAD' state. You can look around, make experimental changes and commit them, and you can discard any commits you make in this state without impacting any branches by switching back to a branch. If you want to create a new branch to retain commits you create, you may do so (now or later) by using -c with the switch command. Example: git switch -c Or undo this operation with: git switch - Turn off this advice by setting config variable advice.detachedHead to false HEAD is now at c2accbf Add minimal pyproject.toml to enable pip install + SCAN_PROP=find-unicode-control-git-url:https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + FUC_EXIT_CODE=0 + LANG=en_US.utf8 + ./find-unicode-control/find_unicode_control.py -p bidi -v -d -t /workspace/workspace/source + [[ 0 -ne 0 ]] + sed -i raw_sast_unicode_check_out.txt -E -e 's|(.*:[0-9]+)(.*)|\1: warning:\2|' -e 's|^|Error: UNICONTROL_WARNING:\n|' + CSGERP_OPTS=(--mode=json --remove-duplicates --embed-context=3 --set-scan-prop="${SCAN_PROP}" --strip-path-prefix="${SOURCE_CODE_DIR}"/source/) + csgrep --mode=json --remove-duplicates --embed-context=3 --set-scan-prop=find-unicode-control-git-url:https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 --strip-path-prefix=/workspace/workspace/source/ raw_sast_unicode_check_out.txt + csgrep --mode=evtstat processed_sast_unicode_check_out.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + mv processed_sast_unicode_check_out.json sast_unicode_check_out.json INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + csgrep --mode=sarif sast_unicode_check_out.json + [[ 0 -eq 0 ]] + note='Task sast-unicode-check success: No finding was detected' ++ make_result_json -r SUCCESS -t 'Task sast-unicode-check success: No finding was detected' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-unicode-check success: No finding was detected' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-11-04T09:38:39+00:00 --arg result SUCCESS --arg note 'Task sast-unicode-check success: No finding was detected' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-11-04T09:38:39+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-11-04T09:38:39+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + ERROR_OUTPUT='{"result":"SUCCESS","timestamp":"2025-11-04T09:38:39+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-11-04T09:38:39+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-11-04T09:38:39+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: go-component-ynanlm-on-pull1f44a0de05e23e517a94d6d3d8869996-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm Attaching to quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 sast_unicode_check_out.sarif:application/sarif+json Preparing sast_unicode_check_out.sarif Uploading ee05835e28d3 sast_unicode_check_out.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded ee05835e28d3 sast_unicode_check_out.sarif Uploading 01030e73345a application/vnd.oci.image.manifest.v1+json Uploaded 01030e73345a application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 Digest: sha256:01030e73345aec9386cb694a9ff0c922a3c316b87d261044727170a4bf9a7c72 No excluded-findings.json exists. Skipping upload. pod: go-component-ynanlm-on-pullca0da2bd987f57a8210cd647b89118e3-pod | init container: prepare 2025/11/04 09:38:12 Entrypoint initialization pod: go-component-ynanlm-on-pullca0da2bd987f57a8210cd647b89118e3-pod | init container: place-scripts 2025/11/04 09:38:27 Decoded script /tekton/scripts/script-0-qdnqt 2025/11/04 09:38:27 Decoded script /tekton/scripts/script-1-nmt5f pod: go-component-ynanlm-on-pullca0da2bd987f57a8210cd647b89118e3-pod | container step-rpms-signature-scan: + set -o pipefail + rpm_verifier --image-url quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05 --image-digest sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 --workdir /tmp Image: quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm@sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09 No unsigned RPMs found {'keys': {'199e2f91fd431d51': 419, 'unsigned': 0}} ==================================== Final results: {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} Images processed: {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "digests": ["sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09"]}} pod: go-component-ynanlm-on-pullca0da2bd987f57a8210cd647b89118e3-pod | container step-output-results: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index ++ cat /tmp/status + status=SUCCESS ++ cat /tmp/results + rpms_data='{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' ++ cat /tmp/images_processed + images_processed='{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "digests": ["sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09"]}}' + '[' SUCCESS == ERROR ']' + note='Task rpms-signature-scan completed successfully' ++ make_result_json -r SUCCESS -t 'Task rpms-signature-scan completed successfully' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task rpms-signature-scan completed successfully' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-11-04T09:40:56+00:00 --arg result SUCCESS --arg note 'Task rpms-signature-scan completed successfully' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-11-04T09:40:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-11-04T09:40:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-11-04T09:40:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-11-04T09:40:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-11-04T09:40:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0} + echo '{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' + tee /tekton/results/RPMS_DATA {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} + echo '{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "digests": ["sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09"]}}' + tee /tekton/results/IMAGES_PROCESSED {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-xxjb/go-component-ynanlm:on-pr-48dc6b75c0bf96b3b3d30b6c0f1d2fd77b5fff05", "digests": ["sha256:56f28fac4232379019a398c6984da709c776c1ee9aef6f41c57592d757750e09"]}}