pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | init container: prepare 2025/12/19 02:09:50 Entrypoint initialization pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | init container: place-scripts 2025/12/19 02:09:52 Decoded script /tekton/scripts/script-0-ncl29 2025/12/19 02:09:52 Decoded script /tekton/scripts/script-1-blvzk 2025/12/19 02:09:52 Decoded script /tekton/scripts/script-2-md2kr 2025/12/19 02:09:52 Decoded script /tekton/scripts/script-3-ghqsk 2025/12/19 02:09:52 Decoded script /tekton/scripts/script-4-q8grl pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | init container: working-dir-initializer pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | container step-build: [2025-12-19T02:09:58,220489697+00:00] Validate context path [2025-12-19T02:09:58,224956028+00:00] Update CA trust [2025-12-19T02:09:58,226542076+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-12-19T02:10:01,012586067+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-12-19T02:10:01,022367173+00:00] Prepare system (architecture: x86_64) [2025-12-19T02:10:01,183010854+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-39:1-117.1684741281... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:8a2e9815396eaa57b0dfe27b2dfc442417f06aa70974c358f198980b533c7942 Copying blob sha256:085efe85e9dfb0b3d5d2392e4b78660a3091bf1ded336315117a627fbdd0567d Copying blob sha256:a07d808ddf4404b3885fef6100142a973cc667b2c3c4abcf4db96508795b1efb Copying blob sha256:5465449a2ea5d8a7e05fa498c8ba35f0ce7714b0ad37e716961fca17dfa1ef13 Copying config sha256:45c8f23c11bb64f238236aaf5cbe05595778e1d4fb6c06109c6fcc0a6b57a45b Writing manifest to image destination Storing signatures [2025-12-19T02:10:33,499868955+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2025-12-19T02:10:01Z", "com.redhat.component": "python-39-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.41.4", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-39", "io.k8s.description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.9", "io.openshift.expose-services": "8080:http", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,python,python39,python-39,rh-python39", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-39", "release": "117.1684741281", "summary": "Platform for building and running Python 3.9 applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/python-39/images/1-117.1684741281", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.9/test/setup-test-app/ ubi9/python-39 python-sample-app", "vcs-ref": "f73a86ed7dd96babb3d581e5f08d66f312f0d967", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1", "org.opencontainers.image.revision": "f73a86ed7dd96babb3d581e5f08d66f312f0d967", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2025-12-19T02:10:01Z" } [2025-12-19T02:10:33,558403985+00:00] Register sub-man Adding the entitlement to the build [2025-12-19T02:10:33,563672131+00:00] Add secrets [2025-12-19T02:10:33,802266275+00:00] Run buildah build [2025-12-19T02:10:33,804206864+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=f73a86ed7dd96babb3d581e5f08d66f312f0d967 --label org.opencontainers.image.revision=f73a86ed7dd96babb3d581e5f08d66f312f0d967 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2025-12-19T02:10:01Z --label org.opencontainers.image.created=2025-12-19T02:10:01Z --annotation org.opencontainers.image.revision=f73a86ed7dd96babb3d581e5f08d66f312f0d967 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2025-12-19T02:10:01Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.LhWPYc -t quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-39:1-117.1684741281 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 Downloading flask-2.3.3-py3-none-any.whl (96 kB) Collecting blinker>=1.6.2 Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting Jinja2>=3.1.2 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting click>=8.1.3 Downloading click-8.1.8-py3-none-any.whl (98 kB) Collecting importlib-metadata>=3.6.0 Downloading importlib_metadata-8.7.0-py3-none-any.whl (27 kB) Collecting itsdangerous>=2.1.2 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting Werkzeug>=2.3.7 Downloading werkzeug-3.1.4-py3-none-any.whl (224 kB) Collecting zipp>=3.20 Downloading zipp-3.23.0-py3-none-any.whl (10 kB) Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (20 kB) Installing collected packages: zipp, MarkupSafe, Werkzeug, Jinja2, itsdangerous, importlib-metadata, click, blinker, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.4 blinker-1.9.0 click-8.1.8 importlib-metadata-8.7.0 itsdangerous-2.2.0 zipp-3.23.0 WARNING: You are using pip version 21.3.1; however, version 25.3 is available. You should consider upgrading via the '/opt/app-root/bin/python3.9 -m pip install --upgrade pip' command. STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="f73a86ed7dd96babb3d581e5f08d66f312f0d967" "org.opencontainers.image.revision"="f73a86ed7dd96babb3d581e5f08d66f312f0d967" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2025-12-19T02:10:01Z" "org.opencontainers.image.created"="2025-12-19T02:10:01Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 --> 866d4e65ee24 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 866d4e65ee240e0da76218d31875b50bf852e05fd1b8e8f208a0ac641f9a68da [2025-12-19T02:10:41,965778954+00:00] Unsetting proxy [2025-12-19T02:10:41,967583773+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-39:1-117.1684741281 registry.access.redhat.com/ubi9/python-39:1-117.1684741281@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee Getting image source signatures Copying blob sha256:9f7b9c3f2b95ecf0b02351f31b566b62fdb0a96e5e69d9c0cde36410442241fc Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying config sha256:866d4e65ee240e0da76218d31875b50bf852e05fd1b8e8f208a0ac641f9a68da Writing manifest to image destination [2025-12-19T02:11:06,005385780+00:00] End build pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | container step-push: [2025-12-19T02:11:06,686038724+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-12-19T02:11:10,454026454+00:00] Convert image [2025-12-19T02:11:10,455603362+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:python-component-duyxmw-on-pull-request-6q8bt-build-container Executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 docker://quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:python-component-duyxmw-on-pull-request-6q8bt-build-container [2025-12-19T02:11:42,639484903+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 Executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 docker://quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 sha256:7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 [2025-12-19T02:11:44,467409468+00:00] End push pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | container step-sbom-syft-generate: [2025-12-19T02:11:44,857995051+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2025-12-19T02:12:00,423248738+00:00] End sbom-syft-generate pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | container step-prepare-sboms: [2025-12-19T02:12:01,028650751+00:00] Prepare SBOM [2025-12-19T02:12:01,034690500+00:00] Generate SBOM with mobster Skipping SBOM validation 2025-12-19 02:12:02,240 [INFO] mobster.log: Logging level set to 20 2025-12-19 02:12:02,649 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/python-39@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee 2025-12-19 02:12:08,374 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2025-12-19 02:12:08,374 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2025-12-19 02:12:08,377 [INFO] mobster.log: Contextual workflow completed in 5.83s 2025-12-19 02:12:08,508 [INFO] mobster.main: Exiting with code 0. [2025-12-19T02:12:08,572306873+00:00] End prepare-sboms pod: python-component-duyxmw-on-043150512595c97d79b1725279242c44-pod | container step-upload-sbom: [2025-12-19T02:12:09,206576711+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967@sha256:7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904 quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw@sha256:4eff0b7e5c5117e48477f27b060f85a54e010c02df76eae00c064e563ccc09b0 [2025-12-19T02:12:12,638614123+00:00] End upload-sbom pod: python-component-duyxmw-on-36cebf4bbf6eb2c85568ddc7dce29c4b-pod | init container: prepare 2025/12/19 02:12:45 Entrypoint initialization pod: python-component-duyxmw-on-36cebf4bbf6eb2c85568ddc7dce29c4b-pod | init container: place-scripts 2025/12/19 02:12:48 Decoded script /tekton/scripts/script-0-qcskt pod: python-component-duyxmw-on-36cebf4bbf6eb2c85568ddc7dce29c4b-pod | init container: working-dir-initializer pod: python-component-duyxmw-on-36cebf4bbf6eb2c85568ddc7dce29c4b-pod | container step-push: [2025-12-19T02:12:59,351503383+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 Using token for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.Hc4bCvEF65 --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:sha256-7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904.dockerfile Dockerfile pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | init container: prepare 2025/12/19 02:12:31 Entrypoint initialization pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | init container: place-scripts 2025/12/19 02:12:35 Decoded script /tekton/scripts/script-0-bd4xw 2025/12/19 02:12:35 Decoded script /tekton/scripts/script-1-78x5s 2025/12/19 02:12:35 Decoded script /tekton/scripts/script-2-pq9kz 2025/12/19 02:12:35 Decoded script /tekton/scripts/script-3-ss5bd 2025/12/19 02:12:35 Decoded script /tekton/scripts/script-4-c4q8j 2025/12/19 02:12:35 Decoded script /tekton/scripts/script-5-8stf2 pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... Executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... Executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 Using token for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw Auth json written to "/auth/auth.json". pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | container step-set-skip-for-bundles: 2025/12/19 02:12:59 INFO Step was skipped due to when expressions were evaluated to false. pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | container step-app-check: time="2025-12-19T02:13:00Z" level=info msg="certification library version" version="1.15.2 " time="2025-12-19T02:13:01Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 for platform amd64" time="2025-12-19T02:13:01Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967" time="2025-12-19T02:13:31Z" level=info msg="check completed" check=HasLicense result=FAILED time="2025-12-19T02:13:31Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2025-12-19T02:13:31Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2025-12-19T02:13:31Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2025-12-19T02:13:31Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2025-12-19T02:13:31Z" level=info msg="USER 1001 specified that is non-root" check=RunAsNonRoot time="2025-12-19T02:13:31Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2025-12-19T02:13:50Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2025-12-19T02:13:51Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2025-12-19T02:13:51Z" level=info msg="This image's tag on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 will be paired with digest sha256:7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." time="2025-12-19T02:13:52Z" level=info msg="Preflight result: FAILED" { "image": "quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.15.2", "commit": "6ee1ef78b1e65bdb3042588f9f0b7a4406333209" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 130, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 18995, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 734, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | container step-app-set-outcome: {"result":"FAILURE","timestamp":"1766110432","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: python-component-duyxmw-on-3e37c98f0f8ae1e7df5bbca6898054a8-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1766110432","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: python-component-duyxmw-on-5d88a54883fc97beca2e2ebdbda2b4e2-pod | init container: prepare 2025/12/19 02:12:35 Entrypoint initialization pod: python-component-duyxmw-on-5d88a54883fc97beca2e2ebdbda2b4e2-pod | init container: place-scripts 2025/12/19 02:12:45 Decoded script /tekton/scripts/script-0-4m6wp 2025/12/19 02:12:45 Decoded script /tekton/scripts/script-1-rxdv6 pod: python-component-duyxmw-on-5d88a54883fc97beca2e2ebdbda2b4e2-pod | init container: working-dir-initializer pod: python-component-duyxmw-on-5d88a54883fc97beca2e2ebdbda2b4e2-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=python-component-duyxmw + echo 'INFO: The PROJECT_NAME used is: python-component-duyxmw' INFO: The PROJECT_NAME used is: python-component-duyxmw + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-109.json ./shellcheck-results/sc-122.json ./shellcheck-results/sc-131.json ./shellcheck-results/sc-135.json ./shellcheck-results/sc-140.json ./shellcheck-results/sc-89.json ./shellcheck-results/sc-92.json ./shellcheck-results/sc-93.json ./shellcheck-results/sc-96.json ./shellcheck-results/sc-99.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + note='Task sast-shell-check completed successfully.' ++ make_result_json -r SUCCESS -t 'Task sast-shell-check completed successfully.' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-shell-check completed successfully.' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-12-19T02:13:01+00:00 --arg result SUCCESS --arg note 'Task sast-shell-check completed successfully.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-19T02:13:01+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-12-19T02:13:01+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-19T02:13:01+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-12-19T02:13:01+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-12-19T02:13:01+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: python-component-duyxmw-on-5d88a54883fc97beca2e2ebdbda2b4e2-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw Attaching to quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967@sha256:7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Uploading 3b606a9dd3a1 shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 5214786b6186 application/vnd.oci.image.manifest.v1+json Uploaded 5214786b6186 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw:on-pr-f73a86ed7dd96babb3d581e5f08d66f312f0d967@sha256:7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904 Digest: sha256:5214786b618608c4bcd1985430924f6474d11f37ffb5184472161a73a7c1a245 No excluded-findings.json exists. Skipping upload. pod: python-component-duyxmw-on-a902c03bd9bb74697ff5ec23684b0949-pod | init container: prepare 2025/12/19 02:08:39 Entrypoint initialization pod: python-component-duyxmw-on-a902c03bd9bb74697ff5ec23684b0949-pod | init container: place-scripts 2025/12/19 02:08:42 Decoded script /tekton/scripts/script-0-6mknc 2025/12/19 02:08:42 Decoded script /tekton/scripts/script-1-554ml pod: python-component-duyxmw-on-a902c03bd9bb74697ff5ec23684b0949-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1766110152.1169493,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1766110153.556224,"caller":"git/git.go:218","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ f73a86ed7dd96babb3d581e5f08d66f312f0d967 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1766110153.5562887,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1766110153.5919218,"caller":"git/git.go:267","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision f73a86ed7dd96babb3d581e5f08d66f312f0d967 directly. pod: python-component-duyxmw-on-a902c03bd9bb74697ff5ec23684b0949-pod | container step-symlink-check: Running symlink check pod: python-component-duyxmw-on-d8f95e43302ee993785f161e5b007530-pod | init container: prepare 2025/12/19 02:12:16 Entrypoint initialization pod: python-component-duyxmw-on-d8f95e43302ee993785f161e5b007530-pod | init container: place-scripts 2025/12/19 02:12:17 Decoded script /tekton/scripts/script-0-pcjlg 2025/12/19 02:12:17 Decoded script /tekton/scripts/script-1-nl8zp 2025/12/19 02:12:17 Decoded script /tekton/scripts/script-2-nnvcn pod: python-component-duyxmw-on-d8f95e43302ee993785f161e5b007530-pod | container step-build: [2025-12-19T02:12:19,242621954+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' a8ef2a22d281b742b12f5c37e73071970762917a7734cd14895f266889b84d6b Skipping image index generation. Returning results for quay.io/redhat-appstudio-qe/build-e2e-uper/python-component-duyxmw@sha256:7f7d5ea08821ca299f20b32c5ca66d8d59e031b6e329348a5d98283ea29d9904. pod: python-component-duyxmw-on-d8f95e43302ee993785f161e5b007530-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: python-component-duyxmw-on-d8f95e43302ee993785f161e5b007530-pod | container step-upload-sbom: [2025-12-19T02:12:22,789732943+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: python-component-duyxmw-on-dba4665215fa2a71f55418e3da1157db-pod | init container: prepare 2025/12/19 02:12:31 Entrypoint initialization pod: python-component-duyxmw-on-dba4665215fa2a71f55418e3da1157db-pod | init container: place-scripts 2025/12/19 02:12:36 Decoded script /tekton/scripts/script-0-8pb8z 2025/12/19 02:12:36 Decoded script /tekton/scripts/script-1-td87f pod: python-component-duyxmw-on-dba4665215fa2a71f55418e3da1157db-pod | init container: working-dir-initializer