./mage -v ci:teste2e Running target: CI:TestE2E I0417 19:54:27.083282 18038 magefile.go:529] setting up new custom bundle for testing... I0417 19:54:27.397910 18038 util.go:512] found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776455667-gjku -> user: redhat-appstudio-qe+redhat_appstudio_quality Creating Tekton Bundle: - Added Pipeline: docker-build to image I0417 19:54:28.592760 18038 bundle.go:57] image digest for a new tekton bundle quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776455667-gjku: quay.io/redhat-appstudio-qe/test-images@sha256:36e7a030fc83a482f1492fac3324b771c34fa4be5c123c4237ef088fad678e95 I0417 19:54:28.592801 18038 magefile.go:535] To use the custom docker bundle locally, run below cmd: export CUSTOM_DOCKER_BUILD_PIPELINE_BUNDLE=quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776455667-gjku I0417 19:54:28.592835 18038 e2e_repo.go:347] checking if repository is e2e-tests I0417 19:54:28.592845 18038 release_service.go:50] checking if repository is release-service I0417 19:54:29.647283 18038 release_service_catalog.go:104] checking if repository is release-service-catalog I0417 19:54:29.647302 18038 integration_service.go:49] checking if repository is integration-service I0417 19:54:29.647306 18038 image_controller.go:49] checking if repository is image-controller I0417 19:54:29.647311 18038 build_service.go:50] checking if repository is build-service I0417 19:54:29.647315 18038 build_service.go:31] require sprayproxy registering is set to TRUE I0417 19:54:29.647320 18038 build_service.go:34] setting test label filter: 'build-service' exec: go "install" "-mod=mod" "github.com/onsi/ginkgo/v2/ginkgo" go: downloading github.com/go-task/slim-sprig/v3 v3.0.0 go: downloading github.com/google/pprof v0.0.0-20260106004452-d7df1bf2cac7 I0417 19:54:33.428964 18038 types.go:155] The following rules have matched build-service repo CI Workflow Rule. I0417 19:54:33.428997 18038 types.go:180] Will apply rules exec: ginkgo "--seed=1776455667" "--timeout=1h30m0s" "--grace-period=30s" "--output-interceptor-mode=none" "--label-filter=build-service" "--no-color" "--json-report=e2e-report.json" "--junit-report=e2e-report.xml" "--procs=20" "--nodes=20" "--p" "--output-dir=/workspace/artifact-dir" "./cmd" "--" go: downloading github.com/konflux-ci/build-service v0.0.0-20240611083846-2dee6cfe6fe4 go: downloading github.com/minio/minio-go/v7 v7.0.99 go: downloading github.com/IBM/go-sdk-core/v5 v5.15.3 go: downloading github.com/IBM/vpc-go-sdk v0.48.0 go: downloading github.com/aws/aws-sdk-go-v2 v1.41.3 go: downloading github.com/aws/aws-sdk-go-v2/config v1.31.3 go: downloading github.com/aws/aws-sdk-go-v2/service/ec2 v1.143.0 go: downloading github.com/aws/smithy-go v1.24.2 go: downloading github.com/aws/aws-sdk-go-v2/credentials v1.18.7 go: downloading github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.4 go: downloading github.com/aws/aws-sdk-go-v2/service/sso v1.28.2 go: downloading github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 go: downloading github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 go: downloading github.com/aws/aws-sdk-go-v2/service/ssooidc v1.34.0 go: downloading github.com/go-playground/validator/v10 v10.17.0 go: downloading github.com/go-openapi/strfmt v0.23.0 go: downloading github.com/go-ini/ini v1.67.0 go: downloading github.com/minio/crc64nvme v1.1.1 go: downloading github.com/klauspost/crc32 v1.3.0 go: downloading github.com/minio/md5-simd v1.1.2 go: downloading github.com/rs/xid v1.6.0 go: downloading github.com/tinylib/msgp v1.6.1 go: downloading github.com/dustin/go-humanize v1.0.1 go: downloading go.mongodb.org/mongo-driver v1.17.4 go: downloading github.com/go-openapi/errors v0.22.2 go: downloading github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 go: downloading github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c go: downloading github.com/oklog/ulid v1.3.1 go: downloading github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19 go: downloading github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19 go: downloading github.com/google/go-github/v45 v45.2.0 go: downloading github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6 go: downloading github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19 go: downloading github.com/philhofer/fwd v1.2.0 go: downloading github.com/leodido/go-urn v1.3.0 go: downloading github.com/gabriel-vasile/mimetype v1.4.3 go: downloading github.com/go-playground/universal-translator v0.18.1 go: downloading github.com/go-playground/locales v0.14.1 Running Suite: Red Hat App Studio E2E tests - /tmp/tmp.yuz6csATEt/cmd ===================================================================== Random Seed: 1776455667 Will run 150 of 464 specs Running in parallel across 20 processes SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies if release CR is created [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_advisories.go:117 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies the advs release pipelinerun is running and succeeds [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_advisories.go:127 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_advisories.go:157 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies if the repository URL is valid [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_advisories.go:168 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification tests that Release CR is created for the Snapshot [release-pipelines, rh-push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_external_registry.go:215 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:507 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification verifies a release PipelineRun is started and succeeded in managed namespace [release-pipelines, rh-push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_external_registry.go:226 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies if the release CR is created [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rhtap_service_push.go:150 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification validate the result of task create-pyxis-image contains image ids [release-pipelines, rh-push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_external_registry.go:233 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies the rhtap release pipelinerun is running and succeeds [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rhtap_service_push.go:160 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:569 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rhtap_service_push.go:190 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification tests that Release CR has completed [release-pipelines, rh-push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_external_registry.go:248 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies if the PR in infra-deployments repo is created/updated [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rhtap_service_push.go:200 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification validates that imageIds from task create-pyxis-image exist in Pyxis. [release-pipelines, rh-push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_external_registry.go:265 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:744 ------------------------------ SSSSSSSSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:507 ------------------------------ SS ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params when context points to a file [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:188 ------------------------------ SSS ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles from specific context [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:199 ------------------------------ SS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:569 ------------------------------ SS ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params when context is the root directory [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:209 ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that a Release CR should have been created in the dev namespace [release-pipelines, push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/push_to_external_registry.go:157 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies if release CR is created [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.yuz6csATEt/tests/release/pipelines/release_to_github.go:138 ------------------------------ SS ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles when context points to a file and a directory [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:218 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that Release PipelineRun should eventually succeed [release-pipelines, push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/push_to_external_registry.go:164 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:744 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles when using negation [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:228 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification tests if the image was pushed to quay [release-pipelines, push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/push_to_external_registry.go:168 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies the release pipelinerun is running and succeeds [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.yuz6csATEt/tests/release/pipelines/release_to_github.go:148 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params allows overriding HOME environment variable [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:238 ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that a Release is marked as succeeded. [release-pipelines, push-to-external-registry] /tmp/tmp.yuz6csATEt/tests/release/pipelines/push_to_external_registry.go:175 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.yuz6csATEt/tests/release/pipelines/release_to_github.go:181 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params allows overriding STEP image [build-templates] /tmp/tmp.yuz6csATEt/tests/build/tkn-bundle.go:247 ------------------------------ SSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies if the Release exists in github repo [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.yuz6csATEt/tests/release/pipelines/release_to_github.go:192 ------------------------------ SSSSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies the release CR is created [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/multiarch_advisories.go:112 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies the multiarch release pipelinerun is running and succeeds [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/multiarch_advisories.go:122 ------------------------------ SSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/multiarch_advisories.go:152 ------------------------------ SSSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies if the repository URL is valid [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.yuz6csATEt/tests/release/pipelines/multiarch_advisories.go:163 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:507 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies if the release CR is created [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_registry_redhat_io.go:108 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:123 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:569 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies the rhio release pipelinerun is running and succeeds [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_registry_redhat_io.go:118 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_registry_redhat_io.go:148 ------------------------------ SSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies if the MR URL is valid [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.yuz6csATEt/tests/release/pipelines/rh_push_to_registry_redhat_io.go:159 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:128 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.yuz6csATEt/tests/build/build_templates.go:744 ------------------------------ SSSS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:132 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, aws-host-pool] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:120 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:136 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:178 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, aws-host-pool] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:124 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, aws-host-pool] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:127 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:183 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, aws-host-pool] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:148 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:187 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created test that cleanup happened successfully [multi-platform, aws-host-pool] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:152 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:191 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, aws-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:251 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:233 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, aws-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:255 ------------------------------ SSSSS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:238 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, aws-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:259 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:242 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, aws-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:263 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:246 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, aws-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:267 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:286 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, ibmz-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:341 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:291 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, ibmz-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:345 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:295 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, ibmz-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:349 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.yuz6csATEt/tests/release/pipelines/fbc_release.go:299 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, ibmz-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:353 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, ibmz-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:357 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, ibmp-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:432 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, ibmp-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:436 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, ibmp-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:440 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, ibmp-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:444 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, ibmp-dynamic] /tmp/tmp.yuz6csATEt/tests/build/multi-platform.go:448 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS••••••••••••••••••••••••••••••••••••••••••••••••••• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created when second component is deleted, pac pr branch should not exist in the repo [build-service, github, pac-build, secret-lookup] /tmp/tmp.yuz6csATEt/tests/build/secret_lookup.go:206 ------------------------------ •••••••••••••••••••••••••••• ------------------------------ • [FAILED] [1400.817 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created [It] the PipelineRun should eventually finish successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:366 Timeline >> PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr found for Component build-e2e-jzwf/gh-test-custom-branch-vmudlt PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-srrrr reason: Failed attempt 1/3: PipelineRun "gh-test-custom-branch-vmudlt-on-pull-request-srrrr" failed: pod: gh-test-custom-branch-vmudlt-on-pull-request-srrrr-init-pod | init container: prepare 2026/04/17 20:01:48 Entrypoint initialization pod: gh-test-custom-branch-vmudlt-on-pull-request-srrrr-init-pod | container step-init: time="2026-04-17T20:02:00Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:02:00Z" level=info msg="[param] enable: false" time="2026-04-17T20:02:00Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:02:00Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:02:00Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:02:00Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:02:00Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:02:00Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:02:00Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 found after retrigger for component build-e2e-jzwf/gh-test-custom-branch-vmudlt PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 found for Component build-e2e-jzwf/gh-test-custom-branch-vmudlt PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-pptv8 reason: Failed attempt 2/3: PipelineRun "gh-test-custom-branch-vmudlt-on-pull-request-pptv8" failed: pod: gh-test-custom-branch-vmudlt-on-pull-request-pptv8-init-pod | init container: prepare 2026/04/17 20:08:10 Entrypoint initialization pod: gh-test-custom-branch-vmudlt-on-pull-request-pptv8-init-pod | container step-init: time="2026-04-17T20:08:14Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:08:14Z" level=info msg="[param] enable: false" time="2026-04-17T20:08:14Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:08:14Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:08:14Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:08:14Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:08:15Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:08:15Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:08:15Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt found after retrigger for component build-e2e-jzwf/gh-test-custom-branch-vmudlt PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt found for Component build-e2e-jzwf/gh-test-custom-branch-vmudlt PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Running PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: PipelineRunStopping PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: PipelineRunStopping PipelineRun gh-test-custom-branch-vmudlt-on-pull-request-22wnt reason: Failed attempt 3/3: PipelineRun "gh-test-custom-branch-vmudlt-on-pull-request-22wnt" failed: pod: gh-test-custom-branch-vmudlt-on-pull-request-22wnt-init-pod | init container: prepare 2026/04/17 20:16:36 Entrypoint initialization pod: gh-test-custom-branch-vmudlt-on-pull-request-22wnt-init-pod | container step-init: time="2026-04-17T20:16:42Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:16:42Z" level=info msg="[param] enable: false" time="2026-04-17T20:16:42Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:16:42Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:16:42Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:16:42Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:16:43Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:16:43Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:16:43Z" level=info msg="[result] NO PROXY: " [FAILED] in [It] - /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:368 @ 04/17/26 20:22:31.545 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc0018eb6e0>: pod: gh-test-custom-branch-vmudlt-on-pull-request-22wnt-init-pod | init container: prepare 2026/04/17 20:16:36 Entrypoint initialization pod: gh-test-custom-branch-vmudlt-on-pull-request-22wnt-init-pod | container step-init: time="2026-04-17T20:16:42Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:16:42Z" level=info msg="[param] enable: false" time="2026-04-17T20:16:42Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:16:42Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:16:42Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:16:42Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:16:43Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:16:43Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:16:43Z" level=info msg="[result] NO PROXY: " { s: "\n pod: gh-test-custom-branch-vmudlt-on-pull-request-22wnt-init-pod | init container: prepare\n2026/04/17 20:16:36 Entrypoint initialization\n\npod: gh-test-custom-branch-vmudlt-on-pull-request-22wnt-init-pod | container step-init: \ntime=\"2026-04-17T20:16:42Z\" level=info msg=\"Using in-cluster config\" logger=KubeClient\ntime=\"2026-04-17T20:16:42Z\" level=info msg=\"[param] enable: false\"\ntime=\"2026-04-17T20:16:42Z\" level=info msg=\"[param] default-http-proxy: squid.caching.svc.cluster.local:3128\"\ntime=\"2026-04-17T20:16:42Z\" level=info msg=\"[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai\"\ntime=\"2026-04-17T20:16:42Z\" level=info msg=\"[param] http-proxy-result-path: /tekton/results/http-proxy\"\ntime=\"2026-04-17T20:16:42Z\" level=info msg=\"[param] no-proxy-result-path: /tekton/results/no-proxy\"\ntime=\"2026-04-17T20:16:43Z\" level=info msg=\"Cache proxy is disabled in param or in backend\"\ntime=\"2026-04-17T20:16:43Z\" level=info msg=\"[result] HTTP PROXY: \"\ntime=\"2026-04-17T20:16:43Z\" level=info msg=\"[result] NO PROXY: \"\n", } In [It] at: /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:368 @ 04/17/26 20:22:31.545 ------------------------------ SSSSSSSSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:614 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:656 ------------------------------ S ------------------------------ • [FAILED] [1434.283 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace [It] the PipelineRun should eventually finish successfully for parent component [build-service, renovate, multi-component, forgejo] /tmp/tmp.yuz6csATEt/tests/build/renovate.go:274 Timeline >> PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk found for Component build-e2e-sreo/fj-multi-component-parent-fnjf PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fnjf-on-pull-request-nv9tk reason: Failed attempt 1/3: PipelineRun "fj-multi-component-parent-fnjf-on-pull-request-nv9tk" failed: pod: fj-multi-component-parent-fnjf-on-pull-request-nv9tk-init-pod | init container: prepare 2026/04/17 20:01:35 Entrypoint initialization pod: fj-multi-component-parent-fnjf-on-pull-request-nv9tk-init-pod | container step-init: time="2026-04-17T20:01:42Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:01:42Z" level=info msg="[param] enable: false" time="2026-04-17T20:01:42Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:01:42Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:01:42Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:01:42Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:01:42Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:01:42Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:01:42Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d found after retrigger for component build-e2e-sreo/fj-multi-component-parent-fnjf PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d found for Component build-e2e-sreo/fj-multi-component-parent-fnjf PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-wf89d reason: Failed attempt 2/3: PipelineRun "fj-multi-component-parent-fnjf-on-pull-request-wf89d" failed: pod: fj-multi-component-parent-fnjf-on-pull-request-wf89d-init-pod | init container: prepare 2026/04/17 20:07:45 Entrypoint initialization pod: fj-multi-component-parent-fnjf-on-pull-request-wf89d-init-pod | container step-init: time="2026-04-17T20:07:49Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:07:49Z" level=info msg="[param] enable: false" time="2026-04-17T20:07:49Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:07:49Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:07:49Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:07:49Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:07:49Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:07:49Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:07:49Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 found after retrigger for component build-e2e-sreo/fj-multi-component-parent-fnjf PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 found for Component build-e2e-sreo/fj-multi-component-parent-fnjf PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Running PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fnjf-on-pull-request-c4dx4 reason: Failed attempt 3/3: PipelineRun "fj-multi-component-parent-fnjf-on-pull-request-c4dx4" failed: pod: fj-multi-component-parent-fnjf-on-pull-request-c4dx4-init-pod | init container: prepare 2026/04/17 20:14:58 Entrypoint initialization pod: fj-multi-component-parent-fnjf-on-pull-request-c4dx4-init-pod | container step-init: time="2026-04-17T20:15:06Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:15:06Z" level=info msg="[param] enable: false" time="2026-04-17T20:15:06Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:15:06Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:15:06Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:15:06Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:15:06Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:15:06Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:15:06Z" level=info msg="[result] NO PROXY: " [FAILED] in [It] - /tmp/tmp.yuz6csATEt/tests/build/renovate.go:276 @ 04/17/26 20:23:28.56 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001a381f0>: pod: fj-multi-component-parent-fnjf-on-pull-request-c4dx4-init-pod | init container: prepare 2026/04/17 20:14:58 Entrypoint initialization pod: fj-multi-component-parent-fnjf-on-pull-request-c4dx4-init-pod | container step-init: time="2026-04-17T20:15:06Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:15:06Z" level=info msg="[param] enable: false" time="2026-04-17T20:15:06Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:15:06Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:15:06Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:15:06Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:15:06Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:15:06Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:15:06Z" level=info msg="[result] NO PROXY: " { s: "\n pod: fj-multi-component-parent-fnjf-on-pull-request-c4dx4-init-pod | init container: prepare\n2026/04/17 20:14:58 Entrypoint initialization\n\npod: fj-multi-component-parent-fnjf-on-pull-request-c4dx4-init-pod | container step-init: \ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"Using in-cluster config\" logger=KubeClient\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[param] enable: false\"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[param] default-http-proxy: squid.caching.svc.cluster.local:3128\"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai\"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[param] http-proxy-result-path: /tekton/results/http-proxy\"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[param] no-proxy-result-path: /tekton/results/no-proxy\"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"Cache proxy is disabled in param or in backend\"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[result] HTTP PROXY: \"\ntime=\"2026-04-17T20:15:06Z\" level=info msg=\"[result] NO PROXY: \"\n", } In [It] at: /tmp/tmp.yuz6csATEt/tests/build/renovate.go:276 @ 04/17/26 20:23:28.56 ------------------------------ SSSSSSSSSSS ------------------------------ • [FAILED] [1575.408 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] the PipelineRun should eventually finish successfully for component go-component-htuyve [build-service, github, pac-build, multi-component] /tmp/tmp.yuz6csATEt/tests/build/multi_component.go:159 Timeline >> PipelineRun go-component-htuyve-on-pull-request-g5sfs found for Component build-e2e-yizs/go-component-htuyve PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Running PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: PipelineRunStopping PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: PipelineRunStopping PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: PipelineRunStopping PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: PipelineRunStopping PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: PipelineRunStopping PipelineRun go-component-htuyve-on-pull-request-g5sfs reason: Failed attempt 1/3: PipelineRun "go-component-htuyve-on-pull-request-g5sfs" failed: pod: go-component-htuyve-on-pull-request-g5sfs-apply-tags-pod | init container: prepare 2026/04/17 20:01:01 Entrypoint initialization pod: go-component-htuyve-on-pull-request-g5sfs-apply-tags-pod | container step-apply-additional-tags: time="2026-04-17T20:01:12Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021" time="2026-04-17T20:01:12Z" level=info msg="[param] digest: sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98" time="2026-04-17T20:01:12Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-17T20:01:14Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | init container: prepare 2026/04/17 19:58:07 Entrypoint initialization pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | init container: place-scripts 2026/04/17 19:58:08 Decoded script /tekton/scripts/script-0-slbtr 2026/04/17 19:58:08 Decoded script /tekton/scripts/script-1-dnprn 2026/04/17 19:58:08 Decoded script /tekton/scripts/script-2-6j9w8 2026/04/17 19:58:08 Decoded script /tekton/scripts/script-3-sp97m 2026/04/17 19:58:08 Decoded script /tekton/scripts/script-4-7z5bx pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | container step-build: [2026-04-17T19:58:39,852278306+00:00] Validate context path [2026-04-17T19:58:39,857537589+00:00] Update CA trust [2026-04-17T19:58:39,859382944+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T19:58:42,734137791+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-17T19:58:42,745215598+00:00] Prepare system (architecture: x86_64) [2026-04-17T19:58:42,767601142+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4 Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09 Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83 Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3 Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301 Writing manifest to image destination Storing signatures [2026-04-17T19:58:57,103581986+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-17T19:58:42Z", "com.redhat.component": "go-toolset-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "io.k8s.display-name": "Go 1.18.9", "io.openshift.expose-services": "", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,golang,golang118,rh-golang118,go", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "Red Hat, Inc.", "name": "rhel9/go-toolset", "release": "14", "summary": "Platform for building and running Go Applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14", "vcs-ref": "d5eea035f3e2c377c47d9b8644deeaf9714f4021", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.18.9", "org.opencontainers.image.revision": "d5eea035f3e2c377c47d9b8644deeaf9714f4021", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-17T19:58:42Z" } [2026-04-17T19:58:57,163093140+00:00] Register sub-man Adding the entitlement to the build [2026-04-17T19:58:57,167988592+00:00] Add secrets [2026-04-17T19:58:57,187587529+00:00] Run buildah build [2026-04-17T19:58:57,189386923+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=d5eea035f3e2c377c47d9b8644deeaf9714f4021 --label org.opencontainers.image.revision=d5eea035f3e2c377c47d9b8644deeaf9714f4021 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-17T19:58:42Z --label org.opencontainers.image.created=2026-04-17T19:58:42Z --annotation org.opencontainers.image.revision=d5eea035f3e2c377c47d9b8644deeaf9714f4021 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-17T19:58:42Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.L2Z1rL -t quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 . STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 STEP 2/10: COPY . . STEP 3/10: RUN go mod download go: no module dependencies to download STEP 4/10: RUN go build -o ./main STEP 5/10: ENV PORT 8081 STEP 6/10: EXPOSE 8081 STEP 7/10: CMD [ "./main" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="d5eea035f3e2c377c47d9b8644deeaf9714f4021" "org.opencontainers.image.revision"="d5eea035f3e2c377c47d9b8644deeaf9714f4021" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-17T19:58:42Z" "org.opencontainers.image.created"="2026-04-17T19:58:42Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 --> f627d833d4fc Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 f627d833d4fc91ad1f54ca58439bf8a1285cb99571c88f88615082bdd1346784 [2026-04-17T19:59:01,101575608+00:00] Unsetting proxy [2026-04-17T19:59:01,103685213+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 Getting image source signatures Copying blob sha256:e29ecab1d01caa7edf7eec2f510601e46413b078170053475139c53c2ab0acbc Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying config sha256:f627d833d4fc91ad1f54ca58439bf8a1285cb99571c88f88615082bdd1346784 Writing manifest to image destination [2026-04-17T19:59:10,135639100+00:00] End build pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | container step-push: [2026-04-17T19:59:11,031932740+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T19:59:13,857995573+00:00] Convert image [2026-04-17T19:59:13,859630417+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-g5sfs-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-g5sfs-build-container Getting image source signatures Copying blob sha256:e29ecab1d01caa7edf7eec2f510601e46413b078170053475139c53c2ab0acbc Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying config sha256:f627d833d4fc91ad1f54ca58439bf8a1285cb99571c88f88615082bdd1346784 Writing manifest to image destination [2026-04-17T19:59:29,083507785+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 Getting image source signatures Copying blob sha256:e29ecab1d01caa7edf7eec2f510601e46413b078170053475139c53c2ab0acbc Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying config sha256:f627d833d4fc91ad1f54ca58439bf8a1285cb99571c88f88615082bdd1346784 Writing manifest to image destination sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-17T19:59:30,586457736+00:00] End push pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | container step-sbom-syft-generate: [2026-04-17T19:59:30,644941301+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-17T19:59:48,675172783+00:00] End sbom-syft-generate pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | container step-prepare-sboms: [2026-04-17T19:59:49,271680187+00:00] Prepare SBOM [2026-04-17T19:59:49,277834123+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-17 19:59:50,688 [INFO] mobster.log: Logging level set to 20 2026-04-17 19:59:51,085 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/go-toolset@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 2026-04-17 19:59:52,445 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:52,898 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:53,948 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:54,430 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:55,494 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:55,948 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:56,917 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:57,371 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 19:59:57,371 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-17 19:59:57,371 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-17 19:59:57,374 [INFO] mobster.log: Contextual workflow completed in 6.38s 2026-04-17 19:59:57,493 [INFO] mobster.main: Exiting with code 0. [2026-04-17T19:59:57,561182507+00:00] End prepare-sboms pod: go-component-htuyve-on-pull-request-g5sfs-build-container-pod | container step-upload-sbom: [2026-04-17T19:59:58,428720486+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021@sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98 WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98] to [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:sha256-0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b985705ed49ab98ded5a3550af1e7988a9e311d4364325ae32da21706904f1e8 [2026-04-17T20:00:04,162984997+00:00] End upload-sbom pod: go-component-htuyve-on-pull-request-g5sfs-build-image-index-pod | init container: prepare 2026/04/17 20:00:13 Entrypoint initialization pod: go-component-htuyve-on-pull-request-g5sfs-build-image-index-pod | init container: place-scripts 2026/04/17 20:00:14 Decoded script /tekton/scripts/script-0-5hgfb 2026/04/17 20:00:14 Decoded script /tekton/scripts/script-1-d9k65 2026/04/17 20:00:14 Decoded script /tekton/scripts/script-2-zfnkh pod: go-component-htuyve-on-pull-request-g5sfs-build-image-index-pod | container step-build: [2026-04-17T20:00:17,609665061+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-17T20:00:20Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021" time="2026-04-17T20:00:20Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021@sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98]" time="2026-04-17T20:00:20Z" level=info msg="[param] buildah-format: docker" time="2026-04-17T20:00:20Z" level=info msg="[param] always-build-index: false" time="2026-04-17T20:00:20Z" level=info msg="[param] additional-tags: [go-component-htuyve-on-pull-request-g5sfs-build-image-index]" time="2026-04-17T20:00:20Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-17T20:00:20Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-17T20:00:20Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-17T20:00:20Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-17T20:00:20Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-17T20:00:20Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021" time="2026-04-17T20:00:20Z" level=info msg="buildah [stdout] 6a4f11ab316381c19c9e0996d6adf051cb2a58bca922be0fbcea6bb0de0c3cd5" logger=CliExecutor time="2026-04-17T20:00:20Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98","image_url":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98","images":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98"} pod: go-component-htuyve-on-pull-request-g5sfs-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: go-component-htuyve-on-pull-request-g5sfs-build-image-index-pod | container step-upload-sbom: [2026-04-17T20:00:20,936935621+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: go-component-htuyve-on-pull-request-g5sfs-clone-repository-pod | init container: prepare 2026/04/17 19:57:35 Entrypoint initialization pod: go-component-htuyve-on-pull-request-g5sfs-clone-repository-pod | init container: place-scripts 2026/04/17 19:57:37 Decoded script /tekton/scripts/script-0-xt8c4 2026/04/17 19:57:37 Decoded script /tekton/scripts/script-1-dcshg pod: go-component-htuyve-on-pull-request-g5sfs-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776455862.9830184,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776455863.5080347,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ d5eea035f3e2c377c47d9b8644deeaf9714f4021 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1776455863.50872,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776455863.546251,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision d5eea035f3e2c377c47d9b8644deeaf9714f4021 directly. pod: go-component-htuyve-on-pull-request-g5sfs-clone-repository-pod | container step-symlink-check: Running symlink check pod: go-component-htuyve-on-pull-request-g5sfs-init-pod | init container: prepare 2026/04/17 19:57:29 Entrypoint initialization pod: go-component-htuyve-on-pull-request-g5sfs-init-pod | container step-init: time="2026-04-17T19:57:33Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T19:57:33Z" level=info msg="[param] enable: false" time="2026-04-17T19:57:33Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T19:57:33Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T19:57:33Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T19:57:33Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T19:57:33Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T19:57:33Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T19:57:33Z" level=info msg="[result] NO PROXY: " pod: go-component-htuyve-on-pull-request-g5sfs-push-dockerfile-pod | init container: prepare 2026/04/17 20:01:01 Entrypoint initialization pod: go-component-htuyve-on-pull-request-g5sfs-push-dockerfile-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-g5sfs-push-dockerfile-pod | container step-push: time="2026-04-17T20:01:26Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021" time="2026-04-17T20:01:26Z" level=info msg="[param] image-digest: sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98" time="2026-04-17T20:01:26Z" level=info msg="[param] containerfile: docker/Dockerfile" time="2026-04-17T20:01:26Z" level=info msg="[param] context: go-component" time="2026-04-17T20:01:26Z" level=info msg="[param] tag-suffix: .dockerfile" time="2026-04-17T20:01:26Z" level=info msg="[param] artifact-type: application/vnd.konflux.dockerfile" time="2026-04-17T20:01:26Z" level=info msg="[param] source: source" time="2026-04-17T20:01:26Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-17T20:01:26Z" level=info msg="[param] alternative-filename: Dockerfile" pod: go-component-htuyve-on-pull40d268c0ea5d0c40157e59f2be6ceef7-pod | init container: prepare 2026/04/17 20:01:05 Entrypoint initialization pod: go-component-htuyve-on-pull40d268c0ea5d0c40157e59f2be6ceef7-pod | init container: place-scripts 2026/04/17 20:01:14 Decoded script /tekton/scripts/script-0-6q8p5 2026/04/17 20:01:14 Decoded script /tekton/scripts/script-1-2gns5 pod: go-component-htuyve-on-pull40d268c0ea5d0c40157e59f2be6ceef7-pod | container step-rpms-signature-scan: + set -o pipefail + rpm_verifier --image-url quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021 --image-digest sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98 --workdir /tmp Image: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98 No unsigned RPMs found {'keys': {'199e2f91fd431d51': 419, 'unsigned': 0}} ==================================== Final results: {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} Images processed: {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021", "digests": ["sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98"]}} pod: go-component-htuyve-on-pull40d268c0ea5d0c40157e59f2be6ceef7-pod | container step-output-results: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index ++ cat /tmp/status + status=SUCCESS ++ cat /tmp/results + rpms_data='{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' ++ cat /tmp/images_processed + images_processed='{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021", "digests": ["sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98"]}}' + '[' SUCCESS == ERROR ']' + note='Task rpms-signature-scan completed successfully' ++ make_result_json -r SUCCESS -t 'Task rpms-signature-scan completed successfully' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task rpms-signature-scan completed successfully' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-17T20:03:21+00:00 --arg result SUCCESS --arg note 'Task rpms-signature-scan completed successfully' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:03:21+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:03:21+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:03:21+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:03:21+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-17T20:03:21+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0} + echo '{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' + tee /tekton/results/RPMS_DATA {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} + echo '{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021", "digests": ["sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98"]}}' + tee /tekton/results/IMAGES_PROCESSED {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-d5eea035f3e2c377c47d9b8644deeaf9714f4021", "digests": ["sha256:0e0e45343b885915a902d93111806202d1bf91a31367d07ef9473d5944195e98"]}} pod: go-component-htuyve-on-pull88122b8939e6848f7a11b989bc8b0ccb-pod | init container: prepare 2026/04/17 19:57:46 Entrypoint initialization pod: go-component-htuyve-on-pull88122b8939e6848f7a11b989bc8b0ccb-pod | init container: place-scripts 2026/04/17 19:57:47 Decoded script /tekton/scripts/script-0-qdhmz pod: go-component-htuyve-on-pull88122b8939e6848f7a11b989bc8b0ccb-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-17T19:58:02Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-17T19:58:02Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T19:58:02Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-17T19:58:02Z" level=info msg="[param] source-dir: /workspace/source/source" time="2026-04-17T19:58:02Z" level=info msg="[param] output-dir: /workspace/source/cachi2/output" time="2026-04-17T19:58:02Z" level=info msg="[param] sbom-format: spdx" time="2026-04-17T19:58:02Z" level=info msg="[param] mode: strict" time="2026-04-17T19:58:02Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-17T19:58:02Z" level=info msg="[param] env-files: [/workspace/source/cachi2/cachi2.env]" time="2026-04-17T19:58:02Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-17T19:58:03Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-17T19:58:03Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-17T19:58:03Z" level=debug msg="Finished prefetch-dependencies" New PipelineRun go-component-htuyve-on-pull-request-lkhsl found after retrigger for component build-e2e-yizs/go-component-htuyve PipelineRun go-component-htuyve-on-pull-request-lkhsl found for Component build-e2e-yizs/go-component-htuyve PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: ResolvingTaskRef PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: ResolvingTaskRef PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: ResolvingTaskRef PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Running PipelineRun go-component-htuyve-on-pull-request-lkhsl reason: Failed attempt 2/3: PipelineRun "go-component-htuyve-on-pull-request-lkhsl" failed: pod: go-component-htuyve-on-pull-request-lkhsl-apply-tags-pod | init container: prepare 2026/04/17 20:09:48 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-apply-tags-pod | container step-apply-additional-tags: time="2026-04-17T20:09:57Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60" time="2026-04-17T20:09:57Z" level=info msg="[param] digest: sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c" time="2026-04-17T20:09:57Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-17T20:09:59Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | init container: prepare 2026/04/17 20:06:35 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | init container: place-scripts 2026/04/17 20:06:36 Decoded script /tekton/scripts/script-0-dbh9p 2026/04/17 20:06:36 Decoded script /tekton/scripts/script-1-jf9jl 2026/04/17 20:06:36 Decoded script /tekton/scripts/script-2-bz6kn 2026/04/17 20:06:36 Decoded script /tekton/scripts/script-3-vwkgn 2026/04/17 20:06:36 Decoded script /tekton/scripts/script-4-msf9s pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | container step-build: [2026-04-17T20:06:40,006555697+00:00] Validate context path [2026-04-17T20:06:40,011486089+00:00] Update CA trust [2026-04-17T20:06:40,013129443+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T20:06:42,971257581+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-17T20:06:42,981167365+00:00] Prepare system (architecture: x86_64) [2026-04-17T20:06:43,000957772+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4 Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3 Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83 Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09 Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301 Writing manifest to image destination Storing signatures [2026-04-17T20:07:06,282384508+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-17T20:06:43Z", "com.redhat.component": "go-toolset-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "io.k8s.display-name": "Go 1.18.9", "io.openshift.expose-services": "", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,golang,golang118,rh-golang118,go", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "Red Hat, Inc.", "name": "rhel9/go-toolset", "release": "14", "summary": "Platform for building and running Go Applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14", "vcs-ref": "3975fe9fc7ca291d00875b71a6764cd9cf210a60", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.18.9", "org.opencontainers.image.revision": "3975fe9fc7ca291d00875b71a6764cd9cf210a60", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-17T20:06:43Z" } [2026-04-17T20:07:06,501378048+00:00] Register sub-man Adding the entitlement to the build [2026-04-17T20:07:06,576293736+00:00] Add secrets [2026-04-17T20:07:06,747814903+00:00] Run buildah build [2026-04-17T20:07:06,749347406+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=3975fe9fc7ca291d00875b71a6764cd9cf210a60 --label org.opencontainers.image.revision=3975fe9fc7ca291d00875b71a6764cd9cf210a60 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-17T20:06:43Z --label org.opencontainers.image.created=2026-04-17T20:06:43Z --annotation org.opencontainers.image.revision=3975fe9fc7ca291d00875b71a6764cd9cf210a60 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-17T20:06:43Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.oYwRto -t quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 . STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 STEP 2/10: COPY . . STEP 3/10: RUN go mod download go: no module dependencies to download STEP 4/10: RUN go build -o ./main STEP 5/10: ENV PORT 8081 STEP 6/10: EXPOSE 8081 STEP 7/10: CMD [ "./main" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="3975fe9fc7ca291d00875b71a6764cd9cf210a60" "org.opencontainers.image.revision"="3975fe9fc7ca291d00875b71a6764cd9cf210a60" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-17T20:06:43Z" "org.opencontainers.image.created"="2026-04-17T20:06:43Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 --> 8903a3b4f8f8 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 8903a3b4f8f85af3b2df958a305b3dea5d278d06277440e18a1810864e38046e [2026-04-17T20:07:15,776546765+00:00] Unsetting proxy [2026-04-17T20:07:15,778433099+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 Getting image source signatures Copying blob sha256:fc8cdc92cd285b8233dedd9f2ad6e42e1b30a71377b3de793468652d9feb46a6 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying config sha256:8903a3b4f8f85af3b2df958a305b3dea5d278d06277440e18a1810864e38046e Writing manifest to image destination [2026-04-17T20:07:32,240580326+00:00] End build pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | container step-push: [2026-04-17T20:07:33,206540068+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T20:07:37,227405618+00:00] Convert image [2026-04-17T20:07:37,229093852+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-lkhsl-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-lkhsl-build-container Getting image source signatures Copying blob sha256:fc8cdc92cd285b8233dedd9f2ad6e42e1b30a71377b3de793468652d9feb46a6 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying config sha256:8903a3b4f8f85af3b2df958a305b3dea5d278d06277440e18a1810864e38046e Writing manifest to image destination [2026-04-17T20:07:50,876633192+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 Getting image source signatures Copying blob sha256:fc8cdc92cd285b8233dedd9f2ad6e42e1b30a71377b3de793468652d9feb46a6 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying config sha256:8903a3b4f8f85af3b2df958a305b3dea5d278d06277440e18a1810864e38046e Writing manifest to image destination sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263cquay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-17T20:07:52,569385158+00:00] End push pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | container step-sbom-syft-generate: [2026-04-17T20:07:53,518269119+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-17T20:08:12,131242440+00:00] End sbom-syft-generate pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | container step-prepare-sboms: [2026-04-17T20:08:12,668665655+00:00] Prepare SBOM [2026-04-17T20:08:12,675106470+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-17 20:08:16,066 [INFO] mobster.log: Logging level set to 20 2026-04-17 20:08:16,470 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/go-toolset@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 2026-04-17 20:08:18,032 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:18,517 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:19,618 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:20,077 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:21,062 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:21,497 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:22,661 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:23,097 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:08:23,097 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-17 20:08:23,097 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-17 20:08:23,100 [INFO] mobster.log: Contextual workflow completed in 6.72s 2026-04-17 20:08:23,222 [INFO] mobster.main: Exiting with code 0. [2026-04-17T20:08:23,306059953+00:00] End prepare-sboms pod: go-component-htuyve-on-pull-request-lkhsl-build-container-pod | container step-upload-sbom: [2026-04-17T20:08:23,871283234+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c] to [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:sha256-b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:86485c195336d5bbdc778172193f89981322f54c931a71d2b819f66369758c1d [2026-04-17T20:08:32,917137126+00:00] End upload-sbom pod: go-component-htuyve-on-pull-request-lkhsl-build-image-index-pod | init container: prepare 2026/04/17 20:08:42 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-build-image-index-pod | init container: place-scripts 2026/04/17 20:08:44 Decoded script /tekton/scripts/script-0-wq6pc 2026/04/17 20:08:44 Decoded script /tekton/scripts/script-1-2hx9b 2026/04/17 20:08:44 Decoded script /tekton/scripts/script-2-66nph pod: go-component-htuyve-on-pull-request-lkhsl-build-image-index-pod | container step-build: [2026-04-17T20:08:59,430622771+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-17T20:09:07Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60" time="2026-04-17T20:09:07Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c]" time="2026-04-17T20:09:07Z" level=info msg="[param] buildah-format: docker" time="2026-04-17T20:09:07Z" level=info msg="[param] always-build-index: false" time="2026-04-17T20:09:07Z" level=info msg="[param] additional-tags: [go-component-htuyve-on-pull-request-lkhsl-build-image-index]" time="2026-04-17T20:09:07Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-17T20:09:07Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-17T20:09:07Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-17T20:09:07Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-17T20:09:07Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-17T20:09:07Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60" time="2026-04-17T20:09:07Z" level=info msg="buildah [stdout] 68da17cd1ca47edde6f0e195d1b74e42ccc52cd1b354e40e900782e22e7ddf99" logger=CliExecutor time="2026-04-17T20:09:07Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c","image_url":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c","images":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c"} pod: go-component-htuyve-on-pull-request-lkhsl-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: go-component-htuyve-on-pull-request-lkhsl-build-image-index-pod | container step-upload-sbom: [2026-04-17T20:09:08,690477870+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: go-component-htuyve-on-pull-request-lkhsl-clair-scan-pod | init container: prepare 2026/04/17 20:09:35 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-clair-scan-pod | init container: place-scripts 2026/04/17 20:09:52 Decoded script /tekton/scripts/script-0-kng6g 2026/04/17 20:09:52 Decoded script /tekton/scripts/script-1-tq4ww 2026/04/17 20:09:52 Decoded script /tekton/scripts/script-2-54rl5 2026/04/17 20:09:52 Decoded script /tekton/scripts/script-3-9n8fs pod: go-component-htuyve-on-pull-request-lkhsl-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c. pod: go-component-htuyve-on-pull-request-lkhsl-clair-scan-pod | container step-get-vulnerabilities: pod: go-component-htuyve-on-pull-request-lkhsl-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: go-component-htuyve-on-pull-request-lkhsl-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 3, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: python3-setuptools-53.0.0-10.el9_1.1 (CVE-2024-6345), openssh-clients-8.7p1-24.el9_1 (CVE-2023-38408, CVE-2024-6387, CVE-2026-3497), freetype-devel-2.10.4-9.el9 (CVE-2025-27363), python3-libs-3.9.14-1.el9_1.2 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597, CVE-2024-12718, CVE-2025-4138, CVE-2025-4517, CVE-2026-4519), golang-src-1.18.9-1.el9_1 (CVE-2023-24540, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-39325, CVE-2023-44487, CVE-2023-45288, CVE-2024-1394, CVE-2024-34156, CVE-2025-22874, CVE-2025-4674, CVE-2025-61726, CVE-2025-61729, CVE-2025-61731, CVE-2025-61732, CVE-2026-25679), libtiff-devel-4.4.0-5.el9_1 (CVE-2025-8176, CVE-2025-9900), libwebp-1.2.0-3.el9 (CVE-2023-1999, CVE-2023-4863), libxslt-1.1.34-9.el9 (CVE-2024-55549, CVE-2025-24855), libarchive-3.5.3-3.el9 (CVE-2025-5914, CVE-2026-4111, CVE-2026-4424), libwebp-devel-1.2.0-3.el9 (CVE-2023-1999, CVE-2023-4863), openssl-devel-1:3.0.1-47.el9_1 (CVE-2024-12797, CVE-2025-15467), libxml2-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425), brotli-devel-1.0.9-6.el9 (CVE-2025-6176), libpng-devel-2:1.6.37-12.el9 (CVE-2025-64720, CVE-2025-65018, CVE-2025-66293, CVE-2026-25646), python3-3.9.14-1.el9_1.2 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597, CVE-2024-12718, CVE-2025-4138, CVE-2025-4517, CVE-2026-4519), subscription-manager-1.29.30.1-1.el9_1 (CVE-2023-3899), golang-1.18.9-1.el9_1 (CVE-2023-24540, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-39325, CVE-2023-44487, CVE-2023-45288, CVE-2024-1394, CVE-2024-34156, CVE-2025-22874, CVE-2025-4674, CVE-2025-61726, CVE-2025-61729, CVE-2025-61731, CVE-2025-61732, CVE-2026-25679), sqlite-3.34.1-6.el9_1 (CVE-2025-6965), libxslt-devel-1.1.34-9.el9 (CVE-2024-55549, CVE-2025-24855), libpq-devel-13.5-1.el9 (CVE-2025-1094), nodejs-1:16.18.1-3.el9_1 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-55130, CVE-2025-55131, CVE-2025-59465, CVE-2025-6965, CVE-2026-1526, CVE-2026-1528, CVE-2026-21710, CVE-2026-2229, CVE-2026-27135), go-srpm-macros-3.0.9-9.el9 (CVE-2025-61726), python3-urllib3-1.26.5-3.el9 (CVE-2025-66418, CVE-2025-66471, CVE-2026-21441), libtiff-4.4.0-5.el9_1 (CVE-2025-8176, CVE-2025-9900), git-core-doc-2.31.1-3.el9_1 (CVE-2023-25652, CVE-2023-29007, CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), golang-bin-1.18.9-1.el9_1 (CVE-2023-24540, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-39325, CVE-2023-44487, CVE-2023-45288, CVE-2024-1394, CVE-2024-34156, CVE-2025-22874, CVE-2025-4674, CVE-2025-61726, CVE-2025-61729, CVE-2025-61731, CVE-2025-61732, CVE-2026-25679), go-toolset-1.18.9-1.el9_1 (CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-45288, CVE-2024-1394, CVE-2024-34156, CVE-2025-22874, CVE-2025-4674, CVE-2025-61726, CVE-2025-61729, CVE-2025-61731, CVE-2025-61732, CVE-2026-25679), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2026-33412), nodejs-docs-1:16.18.1-3.el9_1 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-55130, CVE-2025-55131, CVE-2025-59465, CVE-2025-6965, CVE-2026-1526, CVE-2026-1528, CVE-2026-21710, CVE-2026-2229, CVE-2026-27135), nodejs-libs-1:16.18.1-3.el9_1 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-55130, CVE-2025-55131, CVE-2025-59465, CVE-2025-6965, CVE-2026-1526, CVE-2026-1528, CVE-2026-21710, CVE-2026-2229, CVE-2026-27135), libpng-2:1.6.37-12.el9 (CVE-2025-64720, CVE-2025-65018, CVE-2025-66293, CVE-2026-25646), libbrotli-1.0.9-6.el9 (CVE-2025-6176), emacs-filesystem-1:27.2-6.el9 (CVE-2023-2491, CVE-2023-28617, CVE-2025-1244), freetype-2.10.4-9.el9 (CVE-2025-27363), npm-1:8.19.2-1.16.18.1.3.el9_1 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-55130, CVE-2025-55131, CVE-2025-59465, CVE-2025-6965, CVE-2026-1526, CVE-2026-1528, CVE-2026-21710, CVE-2026-2229, CVE-2026-27135), libdnf-plugin-subscription-manager-1.29.30.1-1.el9_1 (CVE-2023-3899), brotli-1.0.9-6.el9 (CVE-2025-6176), libpq-13.5-1.el9 (CVE-2025-1094), glibc-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), openssh-8.7p1-24.el9_1 (CVE-2023-38408, CVE-2024-6387, CVE-2026-3497), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-6965), sqlite-devel-3.34.1-6.el9_1 (CVE-2025-6965), python3-subscription-manager-rhsm-1.29.30.1-1.el9_1 (CVE-2023-3899), openssl-1:3.0.1-47.el9_1 (CVE-2024-12797, CVE-2025-15467), libxml2-devel-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425), glibc-headers-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), perl-Git-2.31.1-3.el9_1 (CVE-2023-25652, CVE-2023-29007, CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), python3-cloud-what-1.29.30.1-1.el9_1 (CVE-2023-3899), libcurl-devel-7.76.1-19.el9_1.1 (CVE-2023-38545), less-590-1.el9_0 (CVE-2024-32487), delve-1.8.3-1.el9 (CVE-2024-34156), glibc-devel-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), krb5-libs-1.19.1-24.el9_1 (CVE-2023-39975, CVE-2024-3596), expat-2.4.9-1.el9_1.1 (CVE-2025-59375), nodejs-full-i18n-1:16.18.1-3.el9_1 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-55130, CVE-2025-55131, CVE-2025-59465, CVE-2025-6965, CVE-2026-1526, CVE-2026-1528, CVE-2026-21710, CVE-2026-2229, CVE-2026-27135), curl-minimal-7.76.1-19.el9_1.1 (CVE-2023-38545), glibc-langpack-en-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libcurl-minimal-7.76.1-19.el9_1.1 (CVE-2023-38545), glibc-common-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), glibc-gconv-extra-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), bsdtar-3.5.3-3.el9 (CVE-2025-5914, CVE-2026-4111, CVE-2026-4424), pam-1.5.1-12.el9 (CVE-2024-10963, CVE-2025-6020, CVE-2025-8941), git-core-2.31.1-3.el9_1 (CVE-2023-25652, CVE-2023-29007, CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), git-2.31.1-3.el9_1 (CVE-2023-25652, CVE-2023-29007, CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), libeconf-0.4.1-2.el9 (CVE-2023-30079), gnupg2-2.3.3-2.el9_0 (CVE-2025-68973), glibc-minimal-langpack-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), openssl-libs-1:3.0.1-47.el9_1 (CVE-2024-12797, CVE-2025-15467), rsync-3.2.3-18.el9 (CVE-2024-12085), libnghttp2-1.43.0-5.el9 (CVE-2023-44487, CVE-2026-27135), glibc-locale-source-2.34-40.el9_1.1 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), python3-setuptools-wheel-53.0.0-10.el9_1.1 (CVE-2024-6345)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 318 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: openssh-clients-8.7p1-24.el9_1 (CVE-2026-35385), python3-libs-3.9.14-1.el9_1.2 (CVE-2026-4786, CVE-2026-6100), golang-src-1.18.9-1.el9_1 (CVE-2026-27137, CVE-2026-27140, CVE-2026-32280, CVE-2026-33810), libtiff-devel-4.4.0-5.el9_1 (CVE-2026-4775), python3-3.9.14-1.el9_1.2 (CVE-2026-4786, CVE-2026-6100), golang-1.18.9-1.el9_1 (CVE-2026-27137, CVE-2026-27140, CVE-2026-32280, CVE-2026-33810), go-srpm-macros-3.0.9-9.el9 (CVE-2026-25679), libtiff-4.4.0-5.el9_1 (CVE-2026-4775), golang-bin-1.18.9-1.el9_1 (CVE-2026-27137, CVE-2026-27140, CVE-2026-32280, CVE-2026-33810), go-toolset-1.18.9-1.el9_1 (CVE-2025-61726, CVE-2025-61732, CVE-2026-27137, CVE-2026-27140, CVE-2026-32280, CVE-2026-33810), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2026-34982), libcap-2.48-8.el9 (CVE-2026-4878), openssh-8.7p1-24.el9_1 (CVE-2026-35385), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2026-34982), rsync-3.2.3-18.el9 (CVE-2026-41035)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 31 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: perl-HTTP-Tiny-0.076-460.el9 (CVE-2023-31486), python3-setuptools-53.0.0-10.el9_1.1 (CVE-2025-47273), openssh-clients-8.7p1-24.el9_1 (CVE-2023-25136, CVE-2023-48795, CVE-2023-51385, CVE-2024-6409, CVE-2025-26465, CVE-2025-61984, CVE-2025-61985), perl-overload-1.31-479.el9 (CVE-2023-47038, CVE-2025-40909), gmp-1:6.2.0-10.el9 (CVE-2021-43618), perl-SelectSaver-1.02-479.el9 (CVE-2023-47038, CVE-2025-40909), systemd-libs-250-12.el9_1.3 (CVE-2023-7008, CVE-2025-4598), python3-libs-3.9.14-1.el9_1.2 (CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-8088, CVE-2024-9287, CVE-2025-0938, CVE-2025-12084, CVE-2025-15366, CVE-2025-15367, CVE-2025-4330, CVE-2025-4435, CVE-2025-6069, CVE-2025-8194, CVE-2025-8291, CVE-2026-0865, CVE-2026-1299), libmount-devel-2.37.4-9.el9 (CVE-2025-14104), libicu-67.1-9.el9 (CVE-2025-5222), libsmartcols-2.37.4-9.el9 (CVE-2025-14104), golang-src-1.18.9-1.el9_1 (CVE-2023-24532, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-29400, CVE-2023-29402, CVE-2023-29406, CVE-2023-29409, CVE-2023-39326, CVE-2023-45285, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-34155, CVE-2024-34158, CVE-2024-45336, CVE-2024-9355, CVE-2025-22866, CVE-2025-22871, CVE-2025-4673, CVE-2025-47906, CVE-2025-47907, CVE-2025-58183, CVE-2025-61728, CVE-2025-68121), gnutls-3.7.6-12.el9_0 (CVE-2023-0361, CVE-2023-5981, CVE-2024-0553, CVE-2024-0567, CVE-2024-12243, CVE-2024-28834, CVE-2024-28835, CVE-2025-14831, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, CVE-2025-6395), libblkid-2.37.4-9.el9 (CVE-2025-14104), bzip2-devel-1.0.8-8.el9 (CVE-2019-12900), libtiff-devel-4.4.0-5.el9_1 (CVE-2017-17095, CVE-2022-3570, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970, CVE-2022-40090, CVE-2022-4645, CVE-2022-48281, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-26965, CVE-2023-26966, CVE-2023-2731, CVE-2023-30086, CVE-2023-30774, CVE-2023-30775, CVE-2023-3316, CVE-2023-3576, CVE-2023-3618, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-52356, CVE-2024-7006), harfbuzz-icu-2.7.4-8.el9 (CVE-2023-25193), libxslt-1.1.34-9.el9 (CVE-2023-40403), rpm-libs-4.16.1.3-19.el9_1 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), binutils-2.35.2-24.el9 (CVE-2022-4285, CVE-2025-11083), perl-File-Basename-2.85-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-IPC-Open3-1.21-479.el9 (CVE-2023-47038, CVE-2025-40909), libarchive-3.5.3-3.el9 (CVE-2025-25724, CVE-2026-5121), perl-DynaLoader-1.47-479.el9 (CVE-2023-47038, CVE-2025-40909), libuuid-2.37.4-9.el9 (CVE-2025-14104), perl-IO-1.43-479.el9 (CVE-2023-47038, CVE-2025-40909), libX11-xcb-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), openssl-devel-1:3.0.1-47.el9_1 (CVE-2023-0466, CVE-2023-2650, CVE-2023-5363, CVE-2024-6119, CVE-2025-11187, CVE-2025-69419, CVE-2025-9230), libxml2-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021, CVE-2025-9714), bzip2-libs-1.0.8-8.el9 (CVE-2019-12900), python3-rpm-4.16.1.3-19.el9_1 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libpng-devel-2:1.6.37-12.el9 (CVE-2026-22695, CVE-2026-22801), python3-3.9.14-1.el9_1.2 (CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-8088, CVE-2024-9287, CVE-2025-0938, CVE-2025-12084, CVE-2025-15366, CVE-2025-15367, CVE-2025-4330, CVE-2025-4435, CVE-2025-6069, CVE-2025-8194, CVE-2025-8291, CVE-2026-0865, CVE-2026-1299), python3-requests-2.25.1-6.el9 (CVE-2023-32681, CVE-2024-35195, CVE-2024-47081), tpm2-tss-3.0.3-8.el9 (CVE-2023-22745), perl-vars-1.05-479.el9 (CVE-2023-47038, CVE-2025-40909), libXpm-devel-3.5.13-8.el9_1 (CVE-2023-43788, CVE-2023-43789), harfbuzz-devel-2.7.4-8.el9 (CVE-2023-25193), golang-1.18.9-1.el9_1 (CVE-2023-24532, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-29400, CVE-2023-29402, CVE-2023-29406, CVE-2023-29409, CVE-2023-39326, CVE-2023-45285, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-34155, CVE-2024-34158, CVE-2024-45336, CVE-2024-9355, CVE-2025-22866, CVE-2025-22871, CVE-2025-4673, CVE-2025-47906, CVE-2025-47907, CVE-2025-58183, CVE-2025-61728, CVE-2025-68121), libjpeg-turbo-devel-2.0.90-5.el9 (CVE-2021-29390, CVE-2021-46822), perl-File-Compare-1.100.600-479.el9 (CVE-2023-47038, CVE-2025-40909), gcc-c++-11.3.1-2.1.el9 (CVE-2020-11023), sqlite-3.34.1-6.el9_1 (CVE-2023-7104), gcc-plugin-annobin-11.3.1-2.1.el9 (CVE-2020-11023), rpm-sign-libs-4.16.1.3-19.el9_1 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libxslt-devel-1.1.34-9.el9 (CVE-2023-40403), libpq-devel-13.5-1.el9 (CVE-2025-12818), dmidecode-1:3.3-7.el9 (CVE-2023-30630), nodejs-1:16.18.1-3.el9_1 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498, CVE-2025-55132, CVE-2025-59466, CVE-2026-1525, CVE-2026-1527, CVE-2026-21637, CVE-2026-21711, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-26996, CVE-2026-27904), go-srpm-macros-3.0.9-9.el9 (CVE-2025-47906), glib2-2.68.4-5.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-13601, CVE-2025-4373), libX11-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), python3-urllib3-1.26.5-3.el9 (CVE-2023-43804, CVE-2023-45803, CVE-2024-37891), libtiff-4.4.0-5.el9_1 (CVE-2017-17095, CVE-2022-3570, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970, CVE-2022-40090, CVE-2022-4645, CVE-2022-48281, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-26965, CVE-2023-26966, CVE-2023-2731, CVE-2023-30086, CVE-2023-30774, CVE-2023-30775, CVE-2023-3316, CVE-2023-3576, CVE-2023-3618, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-52356, CVE-2024-7006), harfbuzz-2.7.4-8.el9 (CVE-2023-25193), util-linux-core-2.37.4-9.el9 (CVE-2025-14104), libstdc++-11.3.1-2.1.el9 (CVE-2020-11023), git-core-doc-2.31.1-3.el9_1 (CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2023-22490, CVE-2023-23946, CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), golang-bin-1.18.9-1.el9_1 (CVE-2023-24532, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-29400, CVE-2023-29402, CVE-2023-29406, CVE-2023-29409, CVE-2023-39326, CVE-2023-45285, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-34155, CVE-2024-34158, CVE-2024-45336, CVE-2024-9355, CVE-2025-22866, CVE-2025-22871, CVE-2025-4673, CVE-2025-47906, CVE-2025-47907, CVE-2025-58183, CVE-2025-61728, CVE-2025-68121), go-toolset-1.18.9-1.el9_1 (CVE-2023-29402, CVE-2023-39326, CVE-2023-45285, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-34155, CVE-2024-34158, CVE-2024-45336, CVE-2024-9355, CVE-2025-22866, CVE-2025-22871, CVE-2025-4673, CVE-2025-47906, CVE-2025-47907, CVE-2025-58183, CVE-2025-61728, CVE-2025-68121), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2025-53905, CVE-2026-25749, CVE-2026-28421), perl-Symbol-1.08-479.el9 (CVE-2023-47038, CVE-2025-40909), nodejs-docs-1:16.18.1-3.el9_1 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498, CVE-2025-55132, CVE-2025-59466, CVE-2026-1525, CVE-2026-1527, CVE-2026-21637, CVE-2026-21711, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-26996, CVE-2026-27904), libmount-2.37.4-9.el9 (CVE-2025-14104), libcap-2.48-8.el9 (CVE-2023-2603), nodejs-libs-1:16.18.1-3.el9_1 (CVE-2021-35065, CVE-2022-25881, CVE-2022-4904, CVE-2023-23918, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2025-22150, CVE-2025-23085, CVE-2025-31498, CVE-2025-55132, CVE-2025-59466, CVE-2026-1525, CVE-2026-1527, CVE-2026-21637, CVE-2026-21711, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-26996, CVE-2026-27904), libpng-2:1.6.37-12.el9 (CVE-2026-22695, CVE-2026-22801), emacs-filesystem-1:27.2-6.el9 (CVE-2022-45939, CVE-2022-48337, CVE-2022-48338, CVE-2022-48339, CVE-2024-30203, CVE-2024-30204, CVE-2024-30205, CVE-2024-39331, CVE-2024-53920), npm-1:8.19.2-1.16.18.1.3.el9_1 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498, CVE-2025-55132, CVE-2025-59466, CVE-2026-1525, CVE-2026-21637, CVE-2026-25547, CVE-2026-26996, CVE-2026-27904), perl-NDBM_File-1.15-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-FileHandle-2.03-479.el9 (CVE-2023-47038, CVE-2025-40909), libgcc-11.3.1-2.1.el9 (CVE-2020-11023), perl-Getopt-Std-1.12-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-lib-0.65-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-Class-Struct-0.66-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-if-0.60.800-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-POSIX-1.94-479.el9 (CVE-2023-47038, CVE-2025-40909), libpq-13.5-1.el9 (CVE-2025-12818), binutils-gold-2.35.2-24.el9 (CVE-2022-4285, CVE-2025-11083), perl-overloading-0.02-479.el9 (CVE-2023-47038, CVE-2025-40909), glibc-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058, CVE-2026-0915), openssh-8.7p1-24.el9_1 (CVE-2023-25136, CVE-2023-48795, CVE-2023-51385, CVE-2024-6409, CVE-2025-26465, CVE-2025-61984, CVE-2025-61985), sqlite-libs-3.34.1-6.el9_1 (CVE-2023-7104), systemd-pam-250-12.el9_1.3 (CVE-2023-7008, CVE-2025-4598), sqlite-devel-3.34.1-6.el9_1 (CVE-2023-7104), util-linux-2.37.4-9.el9 (CVE-2025-14104), openssl-1:3.0.1-47.el9_1 (CVE-2023-0466, CVE-2023-2650, CVE-2023-5363, CVE-2024-6119, CVE-2025-11187, CVE-2025-69419, CVE-2025-9230), libX11-common-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), libxml2-devel-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021, CVE-2025-9714), libXpm-3.5.13-8.el9_1 (CVE-2023-43788, CVE-2023-43789), glibc-headers-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2025-53905), perl-File-stat-1.09-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-subs-1.03-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-base-2.27-479.el9 (CVE-2023-47038, CVE-2025-40909), ncurses-6.2-8.20210508.el9 (CVE-2023-29491), perl-Fcntl-1.13-479.el9 (CVE-2023-47038, CVE-2025-40909), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-29491), perl-B-1.80-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-Git-2.31.1-3.el9_1 (CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2023-22490, CVE-2023-23946, CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), wget-1.21.1-7.el9 (CVE-2024-38428), perl-interpreter-4:5.32.1-479.el9 (CVE-2023-47038, CVE-2025-40909), perl-AutoLoader-5.74-479.el9 (CVE-2023-47038, CVE-2025-40909), qt5-srpm-macros-5.15.3-1.el9 (CVE-2023-33285, CVE-2023-34410), libgcrypt-1.10.0-8.el9_0 (CVE-2024-2236), bzip2-1.0.8-8.el9 (CVE-2019-12900), libX11-devel-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), libcurl-devel-7.76.1-19.el9_1.1 (CVE-2023-23916, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398, CVE-2025-9086), libblkid-devel-2.37.4-9.el9 (CVE-2025-14104), perl-File-Copy-2.34-479.el9 (CVE-2023-47038, CVE-2025-40909), less-590-1.el9_0 (CVE-2022-46663, CVE-2022-48624), delve-1.8.3-1.el9 (CVE-2024-45336, CVE-2025-22866, CVE-2025-58183, CVE-2025-68121), glibc-devel-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), glib2-devel-2.68.4-5.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-13601, CVE-2025-4373), perl-libs-4:5.32.1-479.el9 (CVE-2023-47038, CVE-2025-40909), libjpeg-turbo-2.0.90-5.el9 (CVE-2021-29390, CVE-2021-46822), ncurses-base-6.2-8.20210508.el9 (CVE-2023-29491), python3-idna-2.10-7.el9 (CVE-2024-3651), perl-Errno-1.30-479.el9 (CVE-2023-47038, CVE-2025-40909), dbus-libs-1:1.12.20-7.el9_1 (CVE-2023-34969), krb5-libs-1.19.1-24.el9_1 (CVE-2020-17049, CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), expat-2.4.9-1.el9_1.1 (CVE-2023-52425, CVE-2024-28757, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-8176), rpm-4.16.1.3-19.el9_1 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libgomp-11.3.1-2.1.el9 (CVE-2020-11023), nodejs-full-i18n-1:16.18.1-3.el9_1 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498, CVE-2025-55132, CVE-2025-59466, CVE-2026-1525, CVE-2026-1527, CVE-2026-21637, CVE-2026-21711, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-26996, CVE-2026-27904), dbus-1:1.12.20-7.el9_1 (CVE-2023-34969), libicu-devel-67.1-9.el9 (CVE-2025-5222), pixman-0.40.0-5.el9 (CVE-2022-44638), curl-minimal-7.76.1-19.el9_1.1 (CVE-2023-23916, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398, CVE-2025-9086), glibc-langpack-en-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), systemd-rpm-macros-250-12.el9_1.3 (CVE-2023-7008, CVE-2025-4598), libcurl-minimal-7.76.1-19.el9_1.1 (CVE-2023-23916, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398, CVE-2025-9086), glibc-common-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), libtasn1-4.16.0-8.el9_1 (CVE-2024-12133), glibc-gconv-extra-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), bsdtar-3.5.3-3.el9 (CVE-2025-25724, CVE-2026-5121), gcc-11.3.1-2.1.el9 (CVE-2020-11023), pam-1.5.1-12.el9 (CVE-2024-10041, CVE-2024-22365), git-core-2.31.1-3.el9_1 (CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2023-22490, CVE-2023-23946, CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), git-2.31.1-3.el9_1 (CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2023-22490, CVE-2023-23946, CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), libeconf-0.4.1-2.el9 (CVE-2023-22652), perl-mro-1.23-479.el9 (CVE-2023-47038, CVE-2025-40909), tar-2:1.34-6.el9_1 (CVE-2025-45582), rpm-build-libs-4.16.1.3-19.el9_1 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), systemd-250-12.el9_1.3 (CVE-2023-7008, CVE-2025-4598), glibc-minimal-langpack-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), perl-File-Find-1.37-479.el9 (CVE-2023-47038, CVE-2025-40909), cpp-11.3.1-2.1.el9 (CVE-2020-11023), dbus-common-1:1.12.20-7.el9_1 (CVE-2023-34969), openssl-libs-1:3.0.1-47.el9_1 (CVE-2023-0466, CVE-2023-2650, CVE-2023-5363, CVE-2024-6119, CVE-2025-11187, CVE-2025-69419, CVE-2025-9230), rsync-3.2.3-18.el9 (CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-10158), libfdisk-2.37.4-9.el9 (CVE-2025-14104), libnghttp2-1.43.0-5.el9 (CVE-2024-28182), glibc-locale-source-2.34-40.el9_1.1 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), python3-setuptools-wheel-53.0.0-10.el9_1.1 (CVE-2025-47273), libstdc++-devel-11.3.1-2.1.el9 (CVE-2020-11023)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 837 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: openssh-clients-8.7p1-24.el9_1 (CVE-2023-51767, CVE-2025-32728, CVE-2026-35414), freetype-devel-2.10.4-9.el9 (CVE-2026-23865), systemd-libs-250-12.el9_1.3 (CVE-2026-29111, CVE-2026-4105), fontconfig-devel-2.14.0-2.el9_1 (CVE-2026-34085), python3-libs-3.9.14-1.el9_1.2 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713), libmount-devel-2.37.4-9.el9 (CVE-2026-27456), libsmartcols-2.37.4-9.el9 (CVE-2026-27456), xz-devel-5.2.5-8.el9_0 (CVE-2026-34743), golang-src-1.18.9-1.el9_1 (CVE-2021-3115, CVE-2021-42574, CVE-2023-39323, CVE-2025-22870, CVE-2025-22873, CVE-2025-47912, CVE-2025-58190, CVE-2025-61724, CVE-2025-61727, CVE-2025-68119, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32281, CVE-2026-32282, CVE-2026-32288, CVE-2026-32289, CVE-2026-33809), libblkid-2.37.4-9.el9 (CVE-2026-27456), gdb-10.2-10.el9 (CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245, CVE-2026-4647), libtiff-devel-4.4.0-5.el9_1 (CVE-2023-25433, CVE-2023-25434, CVE-2023-25435, CVE-2023-3164, CVE-2023-6277, CVE-2025-61143, CVE-2025-61144, CVE-2025-61145, CVE-2025-8851), harfbuzz-icu-2.7.4-8.el9 (CVE-2026-22693), libxslt-1.1.34-9.el9 (CVE-2025-10911), binutils-2.35.2-24.el9 (CVE-2021-20197, CVE-2021-45078, CVE-2025-11081, CVE-2025-11082, CVE-2025-5245, CVE-2025-7545, CVE-2026-4647), libarchive-3.5.3-3.el9 (CVE-2023-30571, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), libuuid-2.37.4-9.el9 (CVE-2026-27456), libX11-xcb-1.7.0-7.el9 (CVE-2022-3554), openssl-devel-1:3.0.1-47.el9_1 (CVE-2026-28390, CVE-2026-31790), libxml2-2.9.13-3.el9_1 (CVE-2026-0990, CVE-2026-1757), libpng-devel-2:1.6.37-12.el9 (CVE-2025-28164, CVE-2025-64505, CVE-2025-64506, CVE-2026-33416, CVE-2026-33636, CVE-2026-34757), python3-3.9.14-1.el9_1.2 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713), tpm2-tss-3.0.3-8.el9 (CVE-2024-29040), harfbuzz-devel-2.7.4-8.el9 (CVE-2026-22693), golang-1.18.9-1.el9_1 (CVE-2021-3115, CVE-2021-42574, CVE-2023-39323, CVE-2025-22870, CVE-2025-22873, CVE-2025-47912, CVE-2025-58190, CVE-2025-61724, CVE-2025-61727, CVE-2025-68119, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32281, CVE-2026-32282, CVE-2026-32288, CVE-2026-32289, CVE-2026-33809), openldap-2.6.2-3.el9 (CVE-2026-22185), p11-kit-0.24.1-2.el9 (CVE-2026-2100), libxslt-devel-1.1.34-9.el9 (CVE-2025-10911), libpq-devel-13.5-1.el9 (CVE-2025-4207), nodejs-1:16.18.1-3.el9_1 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-59464, CVE-2025-62408, CVE-2025-64118, CVE-2025-64756, CVE-2025-7458, CVE-2026-1527, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-27903, CVE-2026-27904, CVE-2026-33671, CVE-2026-33672), go-srpm-macros-3.0.9-9.el9 (CVE-2024-8244, CVE-2026-32282), glib2-2.68.4-5.el9 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), libX11-1.7.0-7.el9 (CVE-2022-3554), libtiff-4.4.0-5.el9_1 (CVE-2023-25433, CVE-2023-25434, CVE-2023-25435, CVE-2023-3164, CVE-2023-6277, CVE-2025-61143, CVE-2025-61144, CVE-2025-61145, CVE-2025-8851), harfbuzz-2.7.4-8.el9 (CVE-2026-22693), util-linux-core-2.37.4-9.el9 (CVE-2026-27456), git-core-doc-2.31.1-3.el9_1 (CVE-2025-48386), golang-bin-1.18.9-1.el9_1 (CVE-2021-3115, CVE-2021-42574, CVE-2023-39323, CVE-2025-22870, CVE-2025-22873, CVE-2025-47912, CVE-2025-58190, CVE-2025-61724, CVE-2025-61727, CVE-2025-68119, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32281, CVE-2026-32282, CVE-2026-32288, CVE-2026-32289, CVE-2026-33809), go-toolset-1.18.9-1.el9_1 (CVE-2020-28362, CVE-2021-3115, CVE-2021-42574, CVE-2022-1705, CVE-2022-1962, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2023-39323, CVE-2025-22870, CVE-2025-22873, CVE-2025-47912, CVE-2025-58190, CVE-2025-61724, CVE-2025-61727, CVE-2025-61728, CVE-2025-68119, CVE-2025-68121, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32281, CVE-2026-32282, CVE-2026-32288, CVE-2026-32289, CVE-2026-33809), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2025-29768, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420, CVE-2026-35177, CVE-2026-39881), gdb-gdbserver-10.2-10.el9 (CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245, CVE-2026-4647), nodejs-docs-1:16.18.1-3.el9_1 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-59464, CVE-2025-62408, CVE-2025-64118, CVE-2025-64756, CVE-2025-7458, CVE-2026-1527, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-27903, CVE-2026-27904, CVE-2026-33671, CVE-2026-33672), libmount-2.37.4-9.el9 (CVE-2026-27456), nodejs-libs-1:16.18.1-3.el9_1 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-59464, CVE-2025-62408, CVE-2025-64118, CVE-2025-64756, CVE-2025-7458, CVE-2026-1527, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-27903, CVE-2026-27904, CVE-2026-33671, CVE-2026-33672), libpng-2:1.6.37-12.el9 (CVE-2025-28164, CVE-2025-64505, CVE-2025-64506, CVE-2026-33416, CVE-2026-33636, CVE-2026-34757), freetype-2.10.4-9.el9 (CVE-2026-23865), npm-1:8.19.2-1.16.18.1.3.el9_1 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-59464, CVE-2025-62408, CVE-2025-64118, CVE-2025-64756, CVE-2025-7458, CVE-2026-1527, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-27903, CVE-2026-27904, CVE-2026-33671, CVE-2026-33672), libpq-13.5-1.el9 (CVE-2025-4207), coreutils-single-8.32-32.el9 (CVE-2025-5278), binutils-gold-2.35.2-24.el9 (CVE-2021-20197, CVE-2021-45078, CVE-2025-11081, CVE-2025-11082, CVE-2025-5245, CVE-2025-7545, CVE-2026-4647), llvm-libs-14.0.6-1.el9 (CVE-2026-27903), glibc-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), openssh-8.7p1-24.el9_1 (CVE-2023-51767, CVE-2025-32728, CVE-2026-35414), systemd-pam-250-12.el9_1.3 (CVE-2026-29111, CVE-2026-4105), util-linux-2.37.4-9.el9 (CVE-2026-27456), xz-5.2.5-8.el9_0 (CVE-2026-34743), p11-kit-trust-0.24.1-2.el9 (CVE-2026-2100), openssl-1:3.0.1-47.el9_1 (CVE-2026-28390, CVE-2026-31790), libX11-common-1.7.0-7.el9 (CVE-2022-3554), libxml2-devel-2.9.13-3.el9_1 (CVE-2026-0990, CVE-2026-1757), glibc-headers-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2025-29768, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420, CVE-2026-35177, CVE-2026-39881), perl-Git-2.31.1-3.el9_1 (CVE-2025-48386), wget-1.21.1-7.el9 (CVE-2021-31879, CVE-2024-10524), qt5-srpm-macros-5.15.3-1.el9 (CVE-2021-38593, CVE-2023-24607, CVE-2025-5683), xz-libs-5.2.5-8.el9_0 (CVE-2026-34743), libX11-devel-1.7.0-7.el9 (CVE-2022-3554), libcurl-devel-7.76.1-19.el9_1.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), libblkid-devel-2.37.4-9.el9 (CVE-2026-27456), glibc-devel-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), glib2-devel-2.68.4-5.el9 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), gdb-headless-10.2-10.el9 (CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245, CVE-2026-4647), openldap-compat-2.6.2-3.el9 (CVE-2026-22185), expat-2.4.9-1.el9_1.1 (CVE-2026-32776, CVE-2026-32777, CVE-2026-32778), python3-pip-wheel-21.2.3-6.el9 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182, CVE-2026-25645, CVE-2026-32284), nodejs-full-i18n-1:16.18.1-3.el9_1 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-59464, CVE-2025-62408, CVE-2025-64118, CVE-2025-64756, CVE-2025-7458, CVE-2026-1527, CVE-2026-21712, CVE-2026-21713, CVE-2026-21714, CVE-2026-21717, CVE-2026-25547, CVE-2026-2581, CVE-2026-27903, CVE-2026-27904, CVE-2026-33671, CVE-2026-33672), curl-minimal-7.76.1-19.el9_1.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), glibc-langpack-en-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), systemd-rpm-macros-250-12.el9_1.3 (CVE-2026-29111, CVE-2026-4105), libcurl-minimal-7.76.1-19.el9_1.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), glibc-common-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), glibc-gconv-extra-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), bsdtar-3.5.3-3.el9 (CVE-2023-30571, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), fontconfig-2.14.0-2.el9_1 (CVE-2026-34085), git-core-2.31.1-3.el9_1 (CVE-2025-48386), git-2.31.1-3.el9_1 (CVE-2025-48386), gnupg2-2.3.3-2.el9_0 (CVE-2025-68972), tar-2:1.34-6.el9_1 (CVE-2025-64118, CVE-2026-33056, CVE-2026-5704), systemd-250-12.el9_1.3 (CVE-2026-29111, CVE-2026-4105), glibc-minimal-langpack-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437), openssl-libs-1:3.0.1-47.el9_1 (CVE-2026-28390, CVE-2026-31790), rsync-3.2.3-18.el9 (CVE-2024-12086), libfdisk-2.37.4-9.el9 (CVE-2026-27456), glibc-locale-source-2.34-40.el9_1.1 (CVE-2026-4046, CVE-2026-4437)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 422 } }, { "msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: python3-libs-3.9.14-1.el9_1.2 (CVE-2024-0397, CVE-2024-4032, CVE-2024-5642, CVE-2024-7592, CVE-2025-6075), golang-src-1.18.9-1.el9_1 (CVE-2024-45341), gnutls-3.7.6-12.el9_0 (CVE-2025-9820), gdb-10.2-10.el9 (CVE-2021-3826), shadow-utils-2:4.9-5.el9 (CVE-2023-4641, CVE-2024-56433), libtiff-devel-4.4.0-5.el9_1 (CVE-2023-6228), procps-ng-3.3.17-8.el9 (CVE-2023-4016), libarchive-3.5.3-3.el9 (CVE-2022-36227), file-libs-5.39-10.el9 (CVE-2022-48554), openssl-devel-1:3.0.1-47.el9_1 (CVE-2022-3358, CVE-2023-0464, CVE-2023-0465, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796), python3-3.9.14-1.el9_1.2 (CVE-2024-0397, CVE-2024-4032, CVE-2024-5642, CVE-2024-7592, CVE-2025-6075), golang-1.18.9-1.el9_1 (CVE-2024-45341), libpq-devel-13.5-1.el9 (CVE-2022-41862), nodejs-1:16.18.1-3.el9_1 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165, CVE-2026-21715, CVE-2026-21716), glib2-2.68.4-5.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), libtiff-4.4.0-5.el9_1 (CVE-2023-6228), git-core-doc-2.31.1-3.el9_1 (CVE-2023-25815, CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), golang-bin-1.18.9-1.el9_1 (CVE-2024-45341), go-toolset-1.18.9-1.el9_1 (CVE-2024-45341), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2021-3903, CVE-2023-4752), gdb-gdbserver-10.2-10.el9 (CVE-2021-3826), nodejs-docs-1:16.18.1-3.el9_1 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165, CVE-2026-21715, CVE-2026-21716), libcap-2.48-8.el9 (CVE-2023-2602), nodejs-libs-1:16.18.1-3.el9_1 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2024-25629, CVE-2025-23165, CVE-2026-21715, CVE-2026-21716), npm-1:8.19.2-1.16.18.1.3.el9_1 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165), file-5.39-10.el9 (CVE-2022-48554), libpq-13.5-1.el9 (CVE-2022-41862), glibc-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602, CVE-2025-15281, CVE-2026-0861), lua-libs-5.4.4-2.el9_1 (CVE-2022-28805), openssl-1:3.0.1-47.el9_1 (CVE-2022-3358, CVE-2023-0464, CVE-2023-0465, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796), glibc-headers-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2021-3903, CVE-2023-4752), ncurses-6.2-8.20210508.el9 (CVE-2022-29458), ncurses-libs-6.2-8.20210508.el9 (CVE-2022-29458), perl-Git-2.31.1-3.el9_1 (CVE-2023-25815, CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), qt5-srpm-macros-5.15.3-1.el9 (CVE-2023-32573), libcurl-devel-7.76.1-19.el9_1.1 (CVE-2022-35252, CVE-2022-43552, CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), delve-1.8.3-1.el9 (CVE-2024-45341), glibc-devel-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602), glib2-devel-2.68.4-5.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), ncurses-base-6.2-8.20210508.el9 (CVE-2022-29458), gdb-headless-10.2-10.el9 (CVE-2021-3826), krb5-libs-1.19.1-24.el9_1 (CVE-2024-26458, CVE-2024-26461), nodejs-full-i18n-1:16.18.1-3.el9_1 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165, CVE-2026-21715, CVE-2026-21716), curl-minimal-7.76.1-19.el9_1.1 (CVE-2022-35252, CVE-2022-43552, CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), glibc-langpack-en-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602), libcurl-minimal-7.76.1-19.el9_1.1 (CVE-2022-35252, CVE-2022-43552, CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), glibc-common-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602), glibc-gconv-extra-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602), bsdtar-3.5.3-3.el9 (CVE-2022-36227), git-core-2.31.1-3.el9_1 (CVE-2023-25815, CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), git-2.31.1-3.el9_1 (CVE-2023-25815, CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), glibc-minimal-langpack-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602), openssl-libs-1:3.0.1-47.el9_1 (CVE-2022-3358, CVE-2023-0464, CVE-2023-0465, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796), glibc-locale-source-2.34-40.el9_1.1 (CVE-2024-33601, CVE-2024-33602)", "name": "clair_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 229 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: elfutils-libs-0.187-5.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), openssh-clients-8.7p1-24.el9_1 (CVE-2026-35386, CVE-2026-35387, CVE-2026-35388), python3-libs-3.9.14-1.el9_1.2 (CVE-2025-1795, CVE-2026-2297, CVE-2026-3479), pcre2-devel-10.40-2.el9 (CVE-2022-41409), gawk-5.1.0-6.el9 (CVE-2023-4156), golang-src-1.18.9-1.el9_1 (CVE-2026-27138, CVE-2026-27139), gdb-10.2-10.el9 (CVE-2022-47007, CVE-2022-47010, CVE-2022-47011, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198, CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866, CVE-2025-69644, CVE-2025-69645, CVE-2025-69646, CVE-2025-69647, CVE-2025-69648, CVE-2025-69649, CVE-2025-69650, CVE-2025-69651, CVE-2025-69652), libtiff-devel-4.4.0-5.el9_1 (CVE-2017-16232, CVE-2022-1056, CVE-2023-1916, CVE-2024-13978, CVE-2025-8961, CVE-2025-9165), libxslt-1.1.34-9.el9 (CVE-2025-11731), unzip-6.0-56.el9 (CVE-2021-4217, CVE-2022-0529, CVE-2022-0530), binutils-2.35.2-24.el9 (CVE-2021-3826, CVE-2022-38533, CVE-2022-44840, CVE-2022-47007, CVE-2022-47008, CVE-2022-47010, CVE-2022-47011, CVE-2023-1972, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198, CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866, CVE-2025-69644, CVE-2025-69645, CVE-2025-69646, CVE-2025-69647, CVE-2025-69648, CVE-2025-69649, CVE-2025-69650, CVE-2025-69651, CVE-2025-69652), pcre2-utf32-10.40-2.el9 (CVE-2022-41409), libarchive-3.5.3-3.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), pkgconf-m4-1.7.3-9.el9 (CVE-2023-24056), libX11-xcb-1.7.0-7.el9 (CVE-2022-3555), openssl-devel-1:3.0.1-47.el9_1 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-2673, CVE-2026-28386, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), libxml2-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), libpng-devel-2:1.6.37-12.el9 (CVE-2022-3857), python3-3.9.14-1.el9_1.2 (CVE-2025-1795, CVE-2026-2297, CVE-2026-3479), zlib-1.2.11-35.el9_1 (CVE-2026-27171), pkgconf-pkg-config-1.7.3-9.el9 (CVE-2023-24056), golang-1.18.9-1.el9_1 (CVE-2026-27138, CVE-2026-27139), gcc-c++-11.3.1-2.1.el9 (CVE-2022-27943), sqlite-3.34.1-6.el9_1 (CVE-2024-0232, CVE-2025-70873), gcc-plugin-annobin-11.3.1-2.1.el9 (CVE-2022-27943), libxslt-devel-1.1.34-9.el9 (CVE-2025-11731), nodejs-1:16.18.1-3.el9_1 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889, CVE-2025-70873, CVE-2026-21715, CVE-2026-21716, CVE-2026-22036, CVE-2026-27171), glib2-2.68.4-5.el9 (CVE-2023-32636, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), libX11-1.7.0-7.el9 (CVE-2022-3555), libtiff-4.4.0-5.el9_1 (CVE-2017-16232, CVE-2022-1056, CVE-2023-1916, CVE-2024-13978, CVE-2025-8961, CVE-2025-9165), libstdc++-11.3.1-2.1.el9 (CVE-2022-27943), golang-bin-1.18.9-1.el9_1 (CVE-2026-27138, CVE-2026-27139), go-toolset-1.18.9-1.el9_1 (CVE-2026-27138, CVE-2026-27139), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973, CVE-2021-3974, CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4187, CVE-2022-0213, CVE-2022-0351, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1674, CVE-2022-1720, CVE-2022-1725, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2257, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3256, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705, CVE-2022-4141, CVE-2022-4292, CVE-2022-4293, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433, CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-2609, CVE-2023-2610, CVE-2023-46246, CVE-2023-4734, CVE-2023-4735, CVE-2023-4738, CVE-2023-4751, CVE-2023-4781, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535, CVE-2024-22667, CVE-2024-41957, CVE-2024-41965, CVE-2024-43374, CVE-2024-43802, CVE-2024-45306, CVE-2024-47814, CVE-2025-1215, CVE-2025-22134, CVE-2025-24014, CVE-2025-26603, CVE-2026-26269, CVE-2026-28422), gdb-gdbserver-10.2-10.el9 (CVE-2022-47007, CVE-2022-47010, CVE-2022-47011, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198, CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866, CVE-2025-69644, CVE-2025-69645, CVE-2025-69646, CVE-2025-69647, CVE-2025-69648, CVE-2025-69649, CVE-2025-69650, CVE-2025-69651, CVE-2025-69652), nodejs-docs-1:16.18.1-3.el9_1 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889, CVE-2025-70873, CVE-2026-21715, CVE-2026-21716, CVE-2026-22036, CVE-2026-27171), nodejs-libs-1:16.18.1-3.el9_1 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889, CVE-2025-70873, CVE-2026-21715, CVE-2026-21716, CVE-2026-22036, CVE-2026-27171), libpng-2:1.6.37-12.el9 (CVE-2022-3857), emacs-filesystem-1:27.2-6.el9 (CVE-2017-1000383), npm-1:8.19.2-1.16.18.1.3.el9_1 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889, CVE-2025-70873, CVE-2026-21715, CVE-2026-21716, CVE-2026-22036, CVE-2026-27171), libgcc-11.3.1-2.1.el9 (CVE-2022-27943), binutils-gold-2.35.2-24.el9 (CVE-2021-3826, CVE-2022-38533, CVE-2022-44840, CVE-2022-47007, CVE-2022-47008, CVE-2022-47010, CVE-2022-47011, CVE-2023-1972, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198, CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866, CVE-2025-69644, CVE-2025-69645, CVE-2025-69646, CVE-2025-69647, CVE-2025-69648, CVE-2025-69649, CVE-2025-69650, CVE-2025-69651, CVE-2025-69652), elfutils-default-yama-scope-0.187-5.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), elfutils-debuginfod-client-0.187-5.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), pcre2-10.40-2.el9 (CVE-2022-41409), glibc-2.34-40.el9_1.1 (CVE-2026-4438), openssh-8.7p1-24.el9_1 (CVE-2026-35386, CVE-2026-35387, CVE-2026-35388), zlib-devel-1.2.11-35.el9_1 (CVE-2026-27171), sqlite-libs-3.34.1-6.el9_1 (CVE-2024-0232, CVE-2025-70873), sqlite-devel-3.34.1-6.el9_1 (CVE-2024-0232, CVE-2025-70873), openssl-1:3.0.1-47.el9_1 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-2673, CVE-2026-28386, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), libX11-common-1.7.0-7.el9 (CVE-2022-3555), libxml2-devel-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), glibc-headers-2.34-40.el9_1.1 (CVE-2026-4438), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973, CVE-2021-3974, CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4187, CVE-2022-0213, CVE-2022-0351, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1674, CVE-2022-1720, CVE-2022-1725, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2257, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3256, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705, CVE-2022-4141, CVE-2022-4292, CVE-2022-4293, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433, CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-2609, CVE-2023-2610, CVE-2023-46246, CVE-2023-4734, CVE-2023-4735, CVE-2023-4738, CVE-2023-4751, CVE-2023-4781, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535, CVE-2024-22667, CVE-2024-41957, CVE-2024-41965, CVE-2024-43374, CVE-2024-43802, CVE-2024-45306, CVE-2024-47814, CVE-2025-1215, CVE-2025-22134, CVE-2025-24014, CVE-2025-26603, CVE-2026-26269, CVE-2026-28422), ncurses-6.2-8.20210508.el9 (CVE-2023-50495), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-50495), qt5-srpm-macros-5.15.3-1.el9 (CVE-2025-23050), libX11-devel-1.7.0-7.el9 (CVE-2022-3555), libcurl-devel-7.76.1-19.el9_1.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), glibc-devel-2.34-40.el9_1.1 (CVE-2026-4438), glib2-devel-2.68.4-5.el9 (CVE-2023-32636, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), pcre2-syntax-10.40-2.el9 (CVE-2022-41409), pcre2-utf16-10.40-2.el9 (CVE-2022-41409), ncurses-base-6.2-8.20210508.el9 (CVE-2023-50495), pkgconf-1.7.3-9.el9 (CVE-2023-24056), gdb-headless-10.2-10.el9 (CVE-2022-47007, CVE-2022-47010, CVE-2022-47011, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198, CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866, CVE-2025-69644, CVE-2025-69645, CVE-2025-69646, CVE-2025-69647, CVE-2025-69648, CVE-2025-69649, CVE-2025-69650, CVE-2025-69651, CVE-2025-69652), expat-2.4.9-1.el9_1.1 (CVE-2025-66382, CVE-2026-24515, CVE-2026-41080), libgomp-11.3.1-2.1.el9 (CVE-2022-27943), python3-pip-wheel-21.2.3-6.el9 (CVE-2021-3572), nodejs-full-i18n-1:16.18.1-3.el9_1 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889, CVE-2025-70873, CVE-2026-21715, CVE-2026-21716, CVE-2026-22036, CVE-2026-27171), patch-2.7.6-16.el9 (CVE-2021-45261), curl-minimal-7.76.1-19.el9_1.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), glibc-langpack-en-2.34-40.el9_1.1 (CVE-2026-4438), libcurl-minimal-7.76.1-19.el9_1.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), glibc-common-2.34-40.el9_1.1 (CVE-2026-4438), libtasn1-4.16.0-8.el9_1 (CVE-2025-13151), glibc-gconv-extra-2.34-40.el9_1.1 (CVE-2026-4438), bsdtar-3.5.3-3.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), gcc-11.3.1-2.1.el9 (CVE-2022-27943), elfutils-libelf-0.187-5.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), libpkgconf-1.7.3-9.el9 (CVE-2023-24056), gnupg2-2.3.3-2.el9_0 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), cmake-filesystem-3.20.2-7.el9 (CVE-2025-9301), tar-2:1.34-6.el9_1 (CVE-2023-39804), glibc-minimal-langpack-2.34-40.el9_1.1 (CVE-2026-4438), cpp-11.3.1-2.1.el9 (CVE-2022-27943), openssl-libs-1:3.0.1-47.el9_1 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-2673, CVE-2026-28386, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), rsync-3.2.3-18.el9 (CVE-2026-27171), glibc-locale-source-2.34-40.el9_1.1 (CVE-2026-4438), libstdc++-devel-11.3.1-2.1.el9 (CVE-2022-27943)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 620 } }, { "msg": "Found packages with unknown vulnerabilities. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libwebp-1.2.0-3.el9 (CVE-2023-5129), libwebp-devel-1.2.0-3.el9 (CVE-2023-5129)", "name": "clair_unknown_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 2 } } ] } ] {"vulnerabilities":{"critical":0,"high":318,"medium":837,"low":229,"unknown":2},"unpatched_vulnerabilities":{"critical":0,"high":31,"medium":422,"low":620,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60", "digests": ["sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c"]}} {"result":"SUCCESS","timestamp":"2026-04-17T20:12:06+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: go-component-htuyve-on-pull-request-lkhsl-clamav-scan-pod | init container: prepare 2026/04/17 20:09:41 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-clamav-scan-pod | init container: place-scripts 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-0-hpvp2 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-1-cnngq pod: go-component-htuyve-on-pull-request-lkhsl-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. pod: go-component-htuyve-on-pull-request-lkhsl-clamav-scan-pod | container step-upload: pod: go-component-htuyve-on-pull-request-lkhsl-clone-repository-pod | init container: prepare 2026/04/17 20:05:59 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-clone-repository-pod | init container: place-scripts 2026/04/17 20:06:06 Decoded script /tekton/scripts/script-0-65r4j 2026/04/17 20:06:06 Decoded script /tekton/scripts/script-1-jpw5r pod: go-component-htuyve-on-pull-request-lkhsl-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776456373.1596715,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776456374.93245,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 3975fe9fc7ca291d00875b71a6764cd9cf210a60 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1776456374.9324944,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776456374.969667,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 3975fe9fc7ca291d00875b71a6764cd9cf210a60 directly. pod: go-component-htuyve-on-pull-request-lkhsl-clone-repository-pod | container step-symlink-check: Running symlink check pod: go-component-htuyve-on-pull-request-lkhsl-init-pod | init container: prepare 2026/04/17 20:05:14 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-init-pod | container step-init: time="2026-04-17T20:05:27Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:05:27Z" level=info msg="[param] enable: false" time="2026-04-17T20:05:27Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:05:27Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:05:27Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:05:27Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:05:27Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:05:27Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:05:27Z" level=info msg="[result] NO PROXY: " pod: go-component-htuyve-on-pull-request-lkhsl-push-dockerfile-pod | init container: prepare 2026/04/17 20:09:51 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-push-dockerfile-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-lkhsl-push-dockerfile-pod | container step-push: time="2026-04-17T20:10:12Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60" time="2026-04-17T20:10:12Z" level=info msg="[param] image-digest: sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c" time="2026-04-17T20:10:12Z" level=info msg="[param] containerfile: docker/Dockerfile" time="2026-04-17T20:10:12Z" level=info msg="[param] context: go-component" time="2026-04-17T20:10:12Z" level=info msg="[param] tag-suffix: .dockerfile" time="2026-04-17T20:10:12Z" level=info msg="[param] artifact-type: application/vnd.konflux.dockerfile" time="2026-04-17T20:10:12Z" level=info msg="[param] source: source" time="2026-04-17T20:10:12Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-17T20:10:12Z" level=info msg="[param] alternative-filename: Dockerfile" time="2026-04-17T20:10:13Z" level=info msg="oras [stdout] quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:19a7e1d4933b925e619fa63a3cb58bf740ca48e82720ff58e8263b047cdaab52" logger=CliExecutor time="2026-04-17T20:10:13Z" level=info msg="Containerfile '/workspace/workspace/source/go-component/docker/Dockerfile' is pushed to registry with tag: sha256-b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c.dockerfile" {"image_ref":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:19a7e1d4933b925e619fa63a3cb58bf740ca48e82720ff58e8263b047cdaab52"} pod: go-component-htuyve-on-pull-request-lkhsl-sast-shell-check-pod | init container: prepare 2026/04/17 20:09:41 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-sast-shell-check-pod | init container: place-scripts 2026/04/17 20:09:49 Decoded script /tekton/scripts/script-0-6nc9s 2026/04/17 20:09:49 Decoded script /tekton/scripts/script-1-972sq pod: go-component-htuyve-on-pull-request-lkhsl-sast-shell-check-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-lkhsl-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=go-component-htuyve + echo 'INFO: The PROJECT_NAME used is: go-component-htuyve' INFO: The PROJECT_NAME used is: go-component-htuyve + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-118.json ./shellcheck-results/sc-131.json ./shellcheck-results/sc-132.json ./shellcheck-results/sc-134.json ./shellcheck-results/sc-85.json ./shellcheck-results/sc-88.json ./shellcheck-results/sc-89.json ./shellcheck-results/sc-91.json ./shellcheck-results/sc-95.json ./shellcheck-results/sc-99.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + TEST_OUTPUT= + parse_test_output sast-shell-check sarif shellcheck-results.sarif + TEST_NAME=sast-shell-check + TEST_RESULT_FORMAT=sarif + TEST_RESULT_FILE=shellcheck-results.sarif + '[' -z sast-shell-check ']' + '[' -z sarif ']' + '[' -z shellcheck-results.sarif ']' + '[' '!' -f shellcheck-results.sarif ']' + '[' sarif = sarif ']' +++ jq -rce '(if (.runs[].results | length > 0) then "FAILURE" else "SUCCESS" end)' shellcheck-results.sarif +++ jq -rce '(.runs[].results | length)' shellcheck-results.sarif ++ make_result_json -r SUCCESS -f 0 ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ FAILURES=0 ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-17T20:10:16+00:00 --arg result SUCCESS --arg note 'For details, check Tekton task log.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:10:16+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:10:16+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:10:16+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:10:16+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ jq .failures + '[' 0 -gt 0 ']' + echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:10:16+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-17T20:10:16+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: go-component-htuyve-on-pull-request-lkhsl-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Attaching to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 3b606a9dd3a1 shellcheck-results.sarif Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 54e7dd40cf50 application/vnd.oci.image.manifest.v1+json Uploaded 54e7dd40cf50 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c Digest: sha256:54e7dd40cf50c40f8895d0cedbb4fa9c774294334e228a6d8dd4492e739ff5c5 No excluded-findings.json exists. Skipping upload. pod: go-component-htuyve-on-pull-request-lkhsl-sast-snyk-check-pod | init container: prepare 2026/04/17 20:10:00 Entrypoint initialization pod: go-component-htuyve-on-pull-request-lkhsl-sast-snyk-check-pod | init container: place-scripts 2026/04/17 20:10:05 Decoded script /tekton/scripts/script-0-cldfw 2026/04/17 20:10:05 Decoded script /tekton/scripts/script-1-hjjpf pod: go-component-htuyve-on-pull-request-lkhsl-sast-snyk-check-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-lkhsl-sast-snyk-check-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: go-component-htuyve INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2026-04-17T20:10:59+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: go-component-htuyve-on-pull-request-lkhsl-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: go-component-htuyve-on-pull21686780a614049a253cef2908553f03-pod | init container: prepare 2026/04/17 20:09:46 Entrypoint initialization pod: go-component-htuyve-on-pull21686780a614049a253cef2908553f03-pod | init container: place-scripts 2026/04/17 20:09:54 Decoded script /tekton/scripts/script-0-mcvbn 2026/04/17 20:09:54 Decoded script /tekton/scripts/script-1-nrltp pod: go-component-htuyve-on-pull21686780a614049a253cef2908553f03-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull21686780a614049a253cef2908553f03-pod | container step-sast-unicode-check: + . /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=go-component-htuyve + echo 'INFO: The PROJECT_NAME used is: go-component-htuyve' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' INFO: The PROJECT_NAME used is: go-component-htuyve + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust + SCAN_PROP=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + FUC_EXIT_CODE=0 + LANG=en_US.utf8 + find_unicode_control.py -p bidi -v -d -t /workspace/workspace/source + [[ 0 -ne 0 ]] + sed -i raw_sast_unicode_check_out.txt -E -e 's|(.*:[0-9]+)(.*)|\1: warning:\2|' -e 's|^|Error: UNICONTROL_WARNING:\n|' + CSGERP_OPTS=(--mode=json --remove-duplicates --embed-context=3 --set-scan-prop="${SCAN_PROP}" --strip-path-prefix="${SOURCE_CODE_DIR}"/source/) + csgrep --mode=json --remove-duplicates --embed-context=3 --set-scan-prop=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 --strip-path-prefix=/workspace/workspace/source/ raw_sast_unicode_check_out.txt + csgrep --mode=evtstat processed_sast_unicode_check_out.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + mv processed_sast_unicode_check_out.json sast_unicode_check_out.json INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + csgrep --mode=sarif sast_unicode_check_out.json + [[ 0 -eq 0 ]] + note='Task sast-unicode-check success: No finding was detected' ++ make_result_json -r SUCCESS -t 'Task sast-unicode-check success: No finding was detected' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-unicode-check success: No finding was detected' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-17T20:10:31+00:00 --arg result SUCCESS --arg note 'Task sast-unicode-check success: No finding was detected' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:10:31+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:10:31+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + ERROR_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:10:31+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:10:31+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-17T20:10:31+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: go-component-htuyve-on-pull21686780a614049a253cef2908553f03-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Attaching to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c sast_unicode_check_out.sarif:application/sarif+json Preparing sast_unicode_check_out.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 1da9b99b8b41 sast_unicode_check_out.sarif Uploaded 1da9b99b8b41 sast_unicode_check_out.sarif Uploading 0112ef5de6cc application/vnd.oci.image.manifest.v1+json Uploaded 0112ef5de6cc application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c Digest: sha256:0112ef5de6cc1f5fda4a0d265019358fd73cd8b57915c15700aa6ddd770bd1bb No excluded-findings.json exists. Skipping upload. pod: go-component-htuyve-on-pull83009b00ed46be0ce7c237d0db53528a-pod | init container: prepare 2026/04/17 20:09:52 Entrypoint initialization pod: go-component-htuyve-on-pull83009b00ed46be0ce7c237d0db53528a-pod | init container: place-scripts 2026/04/17 20:09:55 Decoded script /tekton/scripts/script-0-vk79n 2026/04/17 20:09:55 Decoded script /tekton/scripts/script-1-4pxgc pod: go-component-htuyve-on-pull83009b00ed46be0ce7c237d0db53528a-pod | container step-rpms-signature-scan: + set -o pipefail + rpm_verifier --image-url quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 --image-digest sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c --workdir /tmp Image: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c No unsigned RPMs found {'keys': {'199e2f91fd431d51': 419, 'unsigned': 0}} ==================================== Final results: {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} Images processed: {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60", "digests": ["sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c"]}} pod: go-component-htuyve-on-pull83009b00ed46be0ce7c237d0db53528a-pod | container step-output-results: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index ++ cat /tmp/status + status=SUCCESS ++ cat /tmp/results + rpms_data='{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' ++ cat /tmp/images_processed + images_processed='{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60", "digests": ["sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c"]}}' + '[' SUCCESS == ERROR ']' + note='Task rpms-signature-scan completed successfully' ++ make_result_json -r SUCCESS -t 'Task rpms-signature-scan completed successfully' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task rpms-signature-scan completed successfully' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-17T20:11:01+00:00 --arg result SUCCESS --arg note 'Task rpms-signature-scan completed successfully' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:11:01+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:11:01+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-17T20:11:01+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2026-04-17T20:11:01+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-17T20:11:01+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0} + echo '{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' + tee /tekton/results/RPMS_DATA {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} + tee /tekton/results/IMAGES_PROCESSED + echo '{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60", "digests": ["sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c"]}}' {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60", "digests": ["sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c"]}} pod: go-component-htuyve-on-pulla992ca79bc4b43cd29a23bde6c3c7d02-pod | init container: prepare 2026/04/17 20:06:21 Entrypoint initialization pod: go-component-htuyve-on-pulla992ca79bc4b43cd29a23bde6c3c7d02-pod | init container: place-scripts 2026/04/17 20:06:21 Decoded script /tekton/scripts/script-0-dv4bs pod: go-component-htuyve-on-pulla992ca79bc4b43cd29a23bde6c3c7d02-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-17T20:06:27Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-17T20:06:27Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:06:27Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-17T20:06:27Z" level=info msg="[param] source-dir: /workspace/source/source" time="2026-04-17T20:06:27Z" level=info msg="[param] output-dir: /workspace/source/cachi2/output" time="2026-04-17T20:06:27Z" level=info msg="[param] sbom-format: spdx" time="2026-04-17T20:06:27Z" level=info msg="[param] mode: strict" time="2026-04-17T20:06:27Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-17T20:06:27Z" level=info msg="[param] env-files: [/workspace/source/cachi2/cachi2.env]" time="2026-04-17T20:06:27Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-17T20:06:28Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-17T20:06:28Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-17T20:06:28Z" level=debug msg="Finished prefetch-dependencies" pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | init container: prepare 2026/04/17 20:09:38 Entrypoint initialization pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | init container: place-scripts 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-0-7l2zg 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-1-4fx2b 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-2-f8bxq 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-3-kggbc 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-4-rxnt7 2026/04/17 20:09:53 Decoded script /tekton/scripts/script-5-n9dd6 pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... [retry] executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Auth json written to "/auth/auth.json". pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | container step-set-skip-for-bundles: 2026/04/17 20:10:50 INFO Step was skipped due to when expressions were evaluated to false. pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | container step-app-check: time="2026-04-17T20:10:55Z" level=info msg="certification library version" version="1.17.1 " time="2026-04-17T20:10:57Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 for platform amd64" time="2026-04-17T20:10:57Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60" time="2026-04-17T20:11:25Z" level=info msg="warning: licenses directory does not exist or all of its children are empty directories: error when checking for /licenses: stat /tmp/preflight-390639503/fs/licenses: no such file or directory" check=HasLicense time="2026-04-17T20:11:25Z" level=info msg="check completed" check=HasLicense result=FAILED time="2026-04-17T20:11:25Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2026-04-17T20:11:25Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2026-04-17T20:11:25Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2026-04-17T20:11:25Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2026-04-17T20:11:25Z" level=info msg="USER 1001 specified that is non-root" check=RunAsNonRoot time="2026-04-17T20:11:25Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2026-04-17T20:11:49Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2026-04-17T20:11:50Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2026-04-17T20:11:50Z" level=info msg="This image's tag on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 will be paired with digest sha256:b4df9079afa504d59493088496c3326fd94642707054853acbc878b926d9263c once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { "image": "quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.17.1", "commit": "f7de82ae1c76e6c10ea94967d6b6a66f96248cbe" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 119, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 23839, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 711, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, time="2026-04-17T20:11:50Z" level=info msg="Preflight result: FAILED" "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | container step-app-set-outcome: [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-3975fe9fc7ca291d00875b71a6764cd9cf210a60 {"result":"FAILURE","timestamp":"1776456710","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: go-component-htuyve-on-pullea9ed6f4abaed6ebfb2ea0c9b94a1c4d-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1776456710","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0}New PipelineRun go-component-htuyve-on-pull-request-56t9j found after retrigger for component build-e2e-yizs/go-component-htuyve PipelineRun go-component-htuyve-on-pull-request-56t9j found for Component build-e2e-yizs/go-component-htuyve PipelineRun go-component-htuyve-on-pull-request-56t9j reason: PipelineRun go-component-htuyve-on-pull-request-56t9j reason: ResolvingTaskRef PipelineRun go-component-htuyve-on-pull-request-56t9j reason: ResolvingTaskRef PipelineRun go-component-htuyve-on-pull-request-56t9j reason: ResolvingTaskRef PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Running PipelineRun go-component-htuyve-on-pull-request-56t9j reason: Failed attempt 3/3: PipelineRun "go-component-htuyve-on-pull-request-56t9j" failed: pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: prepare 2026/04/17 20:18:31 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: place-scripts 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-0-wc8tt 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-1-vm5xl 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-2-95qpq 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-3-hjqcl 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-4-ncfdz pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-build: [2026-04-17T20:18:43,513412433+00:00] Validate context path [2026-04-17T20:18:43,518786515+00:00] Update CA trust [2026-04-17T20:18:43,520396259+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T20:18:46,529155881+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-17T20:18:46,539424824+00:00] Prepare system (architecture: x86_64) [2026-04-17T20:18:46,562314028+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3 Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83 Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09 Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4 Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301 Writing manifest to image destination Storing signatures [2026-04-17T20:19:08,183378562+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-17T20:18:46Z", "com.redhat.component": "go-toolset-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "io.k8s.display-name": "Go 1.18.9", "io.openshift.expose-services": "", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,golang,golang118,rh-golang118,go", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "Red Hat, Inc.", "name": "rhel9/go-toolset", "release": "14", "summary": "Platform for building and running Go Applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14", "vcs-ref": "8416460173c4d93a3dd22dcb2c2254755e430b1c", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.18.9", "org.opencontainers.image.revision": "8416460173c4d93a3dd22dcb2c2254755e430b1c", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-17T20:18:46Z" } [2026-04-17T20:19:08,243068921+00:00] Register sub-man Adding the entitlement to the build [2026-04-17T20:19:08,247871652+00:00] Add secrets [2026-04-17T20:19:09,576345253+00:00] Run buildah build [2026-04-17T20:19:09,578160617+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=8416460173c4d93a3dd22dcb2c2254755e430b1c --label org.opencontainers.image.revision=8416460173c4d93a3dd22dcb2c2254755e430b1c --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-17T20:18:46Z --label org.opencontainers.image.created=2026-04-17T20:18:46Z --annotation org.opencontainers.image.revision=8416460173c4d93a3dd22dcb2c2254755e430b1c --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-17T20:18:46Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.6ShDmt -t quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c . STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 STEP 2/10: COPY . . STEP 3/10: RUN go mod download go: no module dependencies to download STEP 4/10: RUN go build -o ./main STEP 5/10: ENV PORT 8081 STEP 6/10: EXPOSE 8081 STEP 7/10: CMD [ "./main" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="8416460173c4d93a3dd22dcb2c2254755e430b1c" "org.opencontainers.image.revision"="8416460173c4d93a3dd22dcb2c2254755e430b1c" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-17T20:18:46Z" "org.opencontainers.image.created"="2026-04-17T20:18:46Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c --> b9d9b9103237 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e [2026-04-17T20:19:19,253760883+00:00] Unsetting proxy [2026-04-17T20:19:19,255818188+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 Getting image source signatures Copying blob sha256:4929b658c8c6542b458de96dc357685261068733eea785930e133a7646f5b3e2 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying config sha256:b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e Writing manifest to image destination [2026-04-17T20:19:34,976861783+00:00] End build pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-push: [2026-04-17T20:19:35,980336318+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T20:19:43,915166333+00:00] Convert image [2026-04-17T20:19:43,916800596+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-56t9j-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-56t9j-build-container Getting image source signatures Copying blob sha256:4929b658c8c6542b458de96dc357685261068733eea785930e133a7646f5b3e2 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying config sha256:b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e Writing manifest to image destination [2026-04-17T20:19:59,963059927+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c Getting image source signatures Copying blob sha256:4929b658c8c6542b458de96dc357685261068733eea785930e133a7646f5b3e2 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying config sha256:b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e Writing manifest to image destination sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9bquay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-17T20:20:03,789417092+00:00] End push pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-sbom-syft-generate: [2026-04-17T20:20:04,777072320+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-17T20:20:22,775120373+00:00] End sbom-syft-generate pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-prepare-sboms: [2026-04-17T20:20:23,261498995+00:00] Prepare SBOM [2026-04-17T20:20:23,267844920+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-17 20:20:30,033 [INFO] mobster.log: Logging level set to 20 2026-04-17 20:20:30,435 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/go-toolset@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 2026-04-17 20:20:32,257 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:32,802 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:33,899 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:34,396 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:35,419 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:35,864 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:36,914 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:37,426 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:37,426 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-17 20:20:37,426 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-17 20:20:37,429 [INFO] mobster.log: Contextual workflow completed in 7.09s 2026-04-17 20:20:37,548 [INFO] mobster.main: Exiting with code 0. [2026-04-17T20:20:37,613129503+00:00] End prepare-sboms pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-upload-sbom: [2026-04-17T20:20:38,402296839+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b] to [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:sha256-5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:643209ebf15ba33e9809fbe622e4242d2d6e894f36d6c8e91dc8c139d56999da [2026-04-17T20:20:48,428187890+00:00] End upload-sbom pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | init container: prepare 2026/04/17 20:21:40 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | init container: place-scripts 2026/04/17 20:21:49 Decoded script /tekton/scripts/script-0-tc6l6 2026/04/17 20:21:49 Decoded script /tekton/scripts/script-1-g5xkq 2026/04/17 20:21:49 Decoded script /tekton/scripts/script-2-f6lrs pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | container step-build: [2026-04-17T20:22:36,785738637+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-17T20:22:43Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c" time="2026-04-17T20:22:43Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b]" time="2026-04-17T20:22:43Z" level=info msg="[param] buildah-format: docker" time="2026-04-17T20:22:43Z" level=info msg="[param] always-build-index: false" time="2026-04-17T20:22:43Z" level=info msg="[param] additional-tags: [go-component-htuyve-on-pull-request-56t9j-build-image-index]" time="2026-04-17T20:22:43Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-17T20:22:43Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c" time="2026-04-17T20:22:44Z" level=info msg="buildah [stdout] b3263c43119a13fcb6ca7f17ceb2cd48094daa4c00a0b0d4529aea8ce130f2f1" logger=CliExecutor time="2026-04-17T20:22:44Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b","image_url":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b","images":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b"} pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | container step-upload-sbom: [2026-04-17T20:22:44,814232940+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | init container: prepare 2026/04/17 20:16:55 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | init container: place-scripts 2026/04/17 20:17:18 Decoded script /tekton/scripts/script-0-vp95t 2026/04/17 20:17:18 Decoded script /tekton/scripts/script-1-rcwvh pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776457086.8478367,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776457087.4065685,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 8416460173c4d93a3dd22dcb2c2254755e430b1c (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1776457087.4066286,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776457087.4438975,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 8416460173c4d93a3dd22dcb2c2254755e430b1c directly. pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | container step-symlink-check: Running symlink check pod: go-component-htuyve-on-pull-request-56t9j-init-pod | init container: prepare 2026/04/17 20:15:12 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-init-pod | container step-init: time="2026-04-17T20:15:48Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:15:48Z" level=info msg="[param] enable: false" time="2026-04-17T20:15:48Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:15:48Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:15:48Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:15:48Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:15:48Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:15:48Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:15:48Z" level=info msg="[result] NO PROXY: " pod: go-component-htuyve-on-pullcf24c86c6be828750e895d6aa1670645-pod | init container: prepare 2026/04/17 20:18:14 Entrypoint initialization pod: go-component-htuyve-on-pullcf24c86c6be828750e895d6aa1670645-pod | init container: place-scripts 2026/04/17 20:18:15 Decoded script /tekton/scripts/script-0-f28ws pod: go-component-htuyve-on-pullcf24c86c6be828750e895d6aa1670645-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-17T20:18:21Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-17T20:18:21Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:18:21Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-17T20:18:21Z" level=info msg="[param] source-dir: /workspace/source/source" time="2026-04-17T20:18:21Z" level=info msg="[param] output-dir: /workspace/source/cachi2/output" time="2026-04-17T20:18:21Z" level=info msg="[param] sbom-format: spdx" time="2026-04-17T20:18:21Z" level=info msg="[param] mode: strict" time="2026-04-17T20:18:21Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-17T20:18:21Z" level=info msg="[param] env-files: [/workspace/source/cachi2/cachi2.env]" time="2026-04-17T20:18:21Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-17T20:18:24Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-17T20:18:24Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-17T20:18:24Z" level=debug msg="Finished prefetch-dependencies" [FAILED] in [It] - /tmp/tmp.yuz6csATEt/tests/build/multi_component.go:161 @ 04/17/26 20:23:40.623 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001d6c800>: pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: prepare 2026/04/17 20:18:31 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: place-scripts 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-0-wc8tt 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-1-vm5xl 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-2-95qpq 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-3-hjqcl 2026/04/17 20:18:32 Decoded script /tekton/scripts/script-4-ncfdz pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: working-dir-initializer pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-build: [2026-04-17T20:18:43,513412433+00:00] Validate context path [2026-04-17T20:18:43,518786515+00:00] Update CA trust [2026-04-17T20:18:43,520396259+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T20:18:46,529155881+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-17T20:18:46,539424824+00:00] Prepare system (architecture: x86_64) [2026-04-17T20:18:46,562314028+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3 Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83 Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09 Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4 Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301 Writing manifest to image destination Storing signatures [2026-04-17T20:19:08,183378562+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-17T20:18:46Z", "com.redhat.component": "go-toolset-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "io.k8s.display-name": "Go 1.18.9", "io.openshift.expose-services": "", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,golang,golang118,rh-golang118,go", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "Red Hat, Inc.", "name": "rhel9/go-toolset", "release": "14", "summary": "Platform for building and running Go Applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14", "vcs-ref": "8416460173c4d93a3dd22dcb2c2254755e430b1c", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.18.9", "org.opencontainers.image.revision": "8416460173c4d93a3dd22dcb2c2254755e430b1c", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-17T20:18:46Z" } [2026-04-17T20:19:08,243068921+00:00] Register sub-man Adding the entitlement to the build [2026-04-17T20:19:08,247871652+00:00] Add secrets [2026-04-17T20:19:09,576345253+00:00] Run buildah build [2026-04-17T20:19:09,578160617+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=8416460173c4d93a3dd22dcb2c2254755e430b1c --label org.opencontainers.image.revision=8416460173c4d93a3dd22dcb2c2254755e430b1c --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-17T20:18:46Z --label org.opencontainers.image.created=2026-04-17T20:18:46Z --annotation org.opencontainers.image.revision=8416460173c4d93a3dd22dcb2c2254755e430b1c --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-17T20:18:46Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.6ShDmt -t quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c . STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 STEP 2/10: COPY . . STEP 3/10: RUN go mod download go: no module dependencies to download STEP 4/10: RUN go build -o ./main STEP 5/10: ENV PORT 8081 STEP 6/10: EXPOSE 8081 STEP 7/10: CMD [ "./main" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="8416460173c4d93a3dd22dcb2c2254755e430b1c" "org.opencontainers.image.revision"="8416460173c4d93a3dd22dcb2c2254755e430b1c" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-17T20:18:46Z" "org.opencontainers.image.created"="2026-04-17T20:18:46Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c --> b9d9b9103237 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e [2026-04-17T20:19:19,253760883+00:00] Unsetting proxy [2026-04-17T20:19:19,255818188+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 Getting image source signatures Copying blob sha256:4929b658c8c6542b458de96dc357685261068733eea785930e133a7646f5b3e2 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying config sha256:b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e Writing manifest to image destination [2026-04-17T20:19:34,976861783+00:00] End build pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-push: [2026-04-17T20:19:35,980336318+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-17T20:19:43,915166333+00:00] Convert image [2026-04-17T20:19:43,916800596+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-56t9j-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:go-component-htuyve-on-pull-request-56t9j-build-container Getting image source signatures Copying blob sha256:4929b658c8c6542b458de96dc357685261068733eea785930e133a7646f5b3e2 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying config sha256:b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e Writing manifest to image destination [2026-04-17T20:19:59,963059927+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c docker://quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c Getting image source signatures Copying blob sha256:4929b658c8c6542b458de96dc357685261068733eea785930e133a7646f5b3e2 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying config sha256:b9d9b91032379536cf4d22138fb42be22170036e858139f740e84157ca25678e Writing manifest to image destination sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9bquay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-17T20:20:03,789417092+00:00] End push pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-sbom-syft-generate: [2026-04-17T20:20:04,777072320+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-17T20:20:22,775120373+00:00] End sbom-syft-generate pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-prepare-sboms: [2026-04-17T20:20:23,261498995+00:00] Prepare SBOM [2026-04-17T20:20:23,267844920+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-17 20:20:30,033 [INFO] mobster.log: Logging level set to 20 2026-04-17 20:20:30,435 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/go-toolset@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 2026-04-17 20:20:32,257 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:32,802 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:33,899 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:34,396 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:35,419 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:35,864 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:36,914 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:37,426 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi9/go-toolset@sha256:0200988bf4773dad494d97be5aeceb005da3b329fe6827c035509a3f6eec1ef1 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-17 20:20:37,426 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-17 20:20:37,426 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-17 20:20:37,429 [INFO] mobster.log: Contextual workflow completed in 7.09s 2026-04-17 20:20:37,548 [INFO] mobster.main: Exiting with code 0. [2026-04-17T20:20:37,613129503+00:00] End prepare-sboms pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-upload-sbom: [2026-04-17T20:20:38,402296839+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b] to [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:sha256-5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:643209ebf15ba33e9809fbe622e4242d2d6e894f36d6c8e91dc8c139d56999da [2026-04-17T20:20:48,428187890+00:00] End upload-sbom pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | init container: prepare 2026/04/17 20:21:40 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | init container: place-scripts 2026/04/17 20:21:49 Decoded script /tekton/scripts/script-0-tc6l6 2026/04/17 20:21:49 Decoded script /tekton/scripts/script-1-g5xkq 2026/04/17 20:21:49 Decoded script /tekton/scripts/script-2-f6lrs pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | container step-build: [2026-04-17T20:22:36,785738637+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-17T20:22:43Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c" time="2026-04-17T20:22:43Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b]" time="2026-04-17T20:22:43Z" level=info msg="[param] buildah-format: docker" time="2026-04-17T20:22:43Z" level=info msg="[param] always-build-index: false" time="2026-04-17T20:22:43Z" level=info msg="[param] additional-tags: [go-component-htuyve-on-pull-request-56t9j-build-image-index]" time="2026-04-17T20:22:43Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-17T20:22:43Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-17T20:22:43Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c" time="2026-04-17T20:22:44Z" level=info msg="buildah [stdout] b3263c43119a13fcb6ca7f17ceb2cd48094daa4c00a0b0d4529aea8ce130f2f1" logger=CliExecutor time="2026-04-17T20:22:44Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b","image_url":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve:on-pr-8416460173c4d93a3dd22dcb2c2254755e430b1c","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b","images":"quay.io/redhat-appstudio-qe/build-e2e-yizs/go-component-htuyve@sha256:5749cbec1b3cdc904da28be32d5447eefa272d1c09a04b64de7400b6b7fbda9b"} pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: go-component-htuyve-on-pull-request-56t9j-build-image-index-pod | container step-upload-sbom: [2026-04-17T20:22:44,814232940+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | init container: prepare 2026/04/17 20:16:55 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | init container: place-scripts 2026/04/17 20:17:18 Decoded script /tekton/scripts/script-0-vp95t 2026/04/17 20:17:18 Decoded script /tekton/scripts/script-1-rcwvh pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776457086.8478367,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776457087.4065685,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 8416460173c4d93a3dd22dcb2c2254755e430b1c (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1776457087.4066286,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776457087.4438975,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 8416460173c4d93a3dd22dcb2c2254755e430b1c directly. pod: go-component-htuyve-on-pull-request-56t9j-clone-repository-pod | container step-symlink-check: Running symlink check pod: go-component-htuyve-on-pull-request-56t9j-init-pod | init container: prepare 2026/04/17 20:15:12 Entrypoint initialization pod: go-component-htuyve-on-pull-request-56t9j-init-pod | container step-init: time="2026-04-17T20:15:48Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:15:48Z" level=info msg="[param] enable: false" time="2026-04-17T20:15:48Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:15:48Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:15:48Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:15:48Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:15:48Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:15:48Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:15:48Z" level=info msg="[result] NO PROXY: " pod: go-component-htuyve-on-pullcf24c86c6be828750e895d6aa1670645-pod | init container: prepare 2026/04/17 20:18:14 Entrypoint initialization pod: go-component-htuyve-on-pullcf24c86c6be828750e895d6aa1670645-pod | init container: place-scripts 2026/04/17 20:18:15 Decoded script /tekton/scripts/script-0-f28ws pod: go-component-htuyve-on-pullcf24c86c6be828750e895d6aa1670645-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-17T20:18:21Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-17T20:18:21Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:18:21Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-17T20:18:21Z" level=info msg="[param] source-dir: /workspace/source/source" time="2026-04-17T20:18:21Z" level=info msg="[param] output-dir: /workspace/source/cachi2/output" time="2026-04-17T20:18:21Z" level=info msg="[param] sbom-format: spdx" time="2026-04-17T20:18:21Z" level=info msg="[param] mode: strict" time="2026-04-17T20:18:21Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-17T20:18:21Z" level=info msg="[param] env-files: [/workspace/source/cachi2/cachi2.env]" time="2026-04-17T20:18:21Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-17T20:18:24Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-17T20:18:24Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-17T20:18:24Z" level=debug msg="Finished prefetch-dependencies" { s: "\n pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: prepare\n2026/04/17 20:18:31 Entrypoint initialization\n\n pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: place-scripts\n2026/04/17 20:18:32 Decoded script /tekton/scripts/script-0-wc8tt\n2026/04/17 20:18:32 Decoded script /tekton/scripts/script-1-vm5xl\n2026/04/17 20:18:32 Decoded script /tekton/scripts/script-2-95qpq\n2026/04/17 20:18:32 Decoded script /tekton/scripts/script-3-hjqcl\n2026/04/17 20:18:32 Decoded script /tekton/scripts/script-4-ncfdz\n\n pod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | init container: working-dir-initializer\n\npod: go-component-htuyve-on-pull-request-56t9j-build-container-pod | container step-build: \n[2026-04-17T20:18:43,513412433+00:00] Validate context path\n[2026-04-17T20:18:43,518786515+00:00] Update CA trust\n[2026-04-17T20:18:43,520396259+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt\n'/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt'\n[2026-04-17T20:18:46,529155881+00:00] Prepare Dockerfile\nChecking if /var/workdir/cachi2/output/bom.json exists.\nCould not find prefetched sbom. No content_sets found for ICM\n[2026-04-17T20:18:46,539424824+00:00] Prepare system (architecture: x86_64)\n[2026-04-17T20:18:46,562314028+00:00] Setup prefetched\nTrying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14...\nGetting image source signatures\nChecking if image destination supports signatures\nCopying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3\nCopying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83\nCopying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09\nCopying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4\nCopying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301\nWriting manifest to image destination\nStoring signatures\n[2026-04-17T20:19:08,183378562+00:00] Unsetting proxy\n{\n \"architecture\": \"x86_64\",\n \"build-date\": \"2026-04-17T20:18:46Z\",\n \"com.redhat.component\": \"go-toolset-container\",\n \"com.redhat.license_terms\": \"https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI\",\n \"description\": \"Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.\",\n \"distribution-scope\": \"public\",\n \"io.buildah.version\": \"1.42.2\",\n \"io.k8s.description\": \"Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.\",\n \"io.k8s.display-name\": \"Go 1.18.9\",\n \"io.openshift.expose-services\": \"\",\n \"io.openshift.s2i.scripts-url\": \"image:///usr/libexec/s2i\",\n \"io.openshift.tags\": \"builder,golang,golang118,rh-golang118,go\",\n \"io.s2i.scripts-url\": \"image:///usr/libexec/s2i\",\n \"maintainer\": \"Red Hat, Inc.\",\n \"name\": \"rhel9/go-toolset\",\n \"release\": \"14\",\n \"summary\": \"Platform for building and running Go Applications\",\n \"url\": \"https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14\",\n \"vcs-ref\": \"8416460173c4d93a3dd22dcb2c2254755e430b1c\",\n \"vcs-type\": \"git\",\n \"vendor\": \"Red Hat, Inc.\",\n \"version\": \"1.18.9\",\n \"org.opencontainers.image.revision\": \"8416460173c4d93a3dd22dcb2c2254755e430b1c\",\n \"org.opencontainers.image.source\": \"https://github.com/redhat-appstudio-qe/sample-multi-component\",\n \"quay.expires-af... Gomega truncated this representation as it exceeds 'format.MaxLength'. Consider having the object provide a custom 'GomegaStringer' representation or adjust the parameters in Gomega's 'format' package. Learn more here: https://onsi.github.io/gomega/#adjusting-output In [It] at: /tmp/tmp.yuz6csATEt/tests/build/multi_component.go:161 @ 04/17/26 20:23:40.623 ------------------------------ SSSSSSSSSSS ------------------------------ • [FAILED] [1067.460 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] the PipelineRun should eventually finish successfully for child component [build-service, renovate, multi-component, github] /tmp/tmp.yuz6csATEt/tests/build/renovate.go:285 Timeline >> PipelineRun gh-multi-component-child-rwzy-on-pull-request-bqjsd found for Component build-e2e-fekg/gh-multi-component-child-rwzy PipelineRun gh-multi-component-child-rwzy-on-pull-request-bqjsd reason: Failed attempt 1/3: PipelineRun "gh-multi-component-child-rwzy-on-pull-request-bqjsd" failed: pod: gh-multi-component-child-rwzy-on-pull-request-bqjsd-init-pod | init container: prepare 2026/04/17 19:58:37 Entrypoint initialization pod: gh-multi-component-child-rwzy-on-pull-request-bqjsd-init-pod | container step-init: time="2026-04-17T19:58:40Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T19:58:40Z" level=info msg="[param] enable: false" time="2026-04-17T19:58:40Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T19:58:40Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T19:58:40Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T19:58:40Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T19:58:40Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T19:58:40Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T19:58:40Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 found after retrigger for component build-e2e-fekg/gh-multi-component-child-rwzy PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 found for Component build-e2e-fekg/gh-multi-component-child-rwzy PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: ResolvingTaskRef PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: ResolvingTaskRef PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: ResolvingTaskRef PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-mc7z7 reason: Failed attempt 2/3: PipelineRun "gh-multi-component-child-rwzy-on-pull-request-mc7z7" failed: pod: gh-multi-component-child-rwzy-on-pull-request-mc7z7-init-pod | init container: prepare 2026/04/17 20:07:12 Entrypoint initialization pod: gh-multi-component-child-rwzy-on-pull-request-mc7z7-init-pod | container step-init: time="2026-04-17T20:07:20Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:07:20Z" level=info msg="[param] enable: false" time="2026-04-17T20:07:20Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:07:20Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:07:20Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:07:20Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:07:30Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:07:30Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:07:30Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v found after retrigger for component build-e2e-fekg/gh-multi-component-child-rwzy PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v found for Component build-e2e-fekg/gh-multi-component-child-rwzy PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: ResolvingTaskRef PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: ResolvingTaskRef PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: ResolvingTaskRef PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Running PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: PipelineRunStopping PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: PipelineRunStopping PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: PipelineRunStopping PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: PipelineRunStopping PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: PipelineRunStopping PipelineRun gh-multi-component-child-rwzy-on-pull-request-ftr8v reason: Failed attempt 3/3: PipelineRun "gh-multi-component-child-rwzy-on-pull-request-ftr8v" failed: pod: gh-multi-component-child-rwzy-on-pull-request-ftr8v-init-pod | init container: prepare 2026/04/17 20:16:48 Entrypoint initialization pod: gh-multi-component-child-rwzy-on-pull-request-ftr8v-init-pod | container step-init: time="2026-04-17T20:17:18Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:17:18Z" level=info msg="[param] enable: false" time="2026-04-17T20:17:18Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:17:18Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:17:18Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:17:18Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:17:18Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:17:18Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:17:18Z" level=info msg="[result] NO PROXY: " [FAILED] in [It] - /tmp/tmp.yuz6csATEt/tests/build/renovate.go:286 @ 04/17/26 20:23:41.529 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001512550>: pod: gh-multi-component-child-rwzy-on-pull-request-ftr8v-init-pod | init container: prepare 2026/04/17 20:16:48 Entrypoint initialization pod: gh-multi-component-child-rwzy-on-pull-request-ftr8v-init-pod | container step-init: time="2026-04-17T20:17:18Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-17T20:17:18Z" level=info msg="[param] enable: false" time="2026-04-17T20:17:18Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-17T20:17:18Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-17T20:17:18Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-17T20:17:18Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-17T20:17:18Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-17T20:17:18Z" level=info msg="[result] HTTP PROXY: " time="2026-04-17T20:17:18Z" level=info msg="[result] NO PROXY: " { s: "\n pod: gh-multi-component-child-rwzy-on-pull-request-ftr8v-init-pod | init container: prepare\n2026/04/17 20:16:48 Entrypoint initialization\n\npod: gh-multi-component-child-rwzy-on-pull-request-ftr8v-init-pod | container step-init: \ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"Using in-cluster config\" logger=KubeClient\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[param] enable: false\"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[param] default-http-proxy: squid.caching.svc.cluster.local:3128\"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai\"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[param] http-proxy-result-path: /tekton/results/http-proxy\"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[param] no-proxy-result-path: /tekton/results/no-proxy\"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"Cache proxy is disabled in param or in backend\"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[result] HTTP PROXY: \"\ntime=\"2026-04-17T20:17:18Z\" level=info msg=\"[result] NO PROXY: \"\n", } In [It] at: /tmp/tmp.yuz6csATEt/tests/build/renovate.go:286 @ 04/17/26 20:23:41.529 ------------------------------ SSSSSSSSSS•••••••••••• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:614 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:656 ------------------------------ • [FAILED] [22.920 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the component is removed and recreated (with the same name in the same namespace) [It] should no longer lead to a creation of a PaC PR [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:729 Timeline >> Image repository for component fj-test-custom-branch-unfdde in namespace build-e2e-tson do not have right state ('' != 'ready') yet but it has status { { } { } []}. [FAILED] in [It] - /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:746 @ 04/17/26 20:30:44.456 Found purge PR with id: 4 << Timeline [FAILED] Failed after 7.540s. Unexpected error: <*errors.errorString | 0xc00057cb90>: did not expect a new PR created in konflux-qe/devfile-sample-hello-world-zwzrqc repository after initial PaC configuration was already merged for the same component name and a namespace { s: "did not expect a new PR created in konflux-qe/devfile-sample-hello-world-zwzrqc repository after initial PaC configuration was already merged for the same component name and a namespace", } occurred In [It] at: /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:746 @ 04/17/26 20:30:44.456 ------------------------------ •• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:614 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:656 ------------------------------ • ------------------------------ • [FAILED] [1207.038 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, gitlab] /tmp/tmp.yuz6csATEt/tests/build/renovate.go:412 [FAILED] Timed out after 1200.000s. timed out when waiting for component nudge PR to be created in build-nudge-child-kjhpwg repository Expected : false to be true In [It] at: /tmp/tmp.yuz6csATEt/tests/build/renovate.go:427 @ 04/17/26 20:32:45.203 ------------------------------ SSSSSSSSSSSSSSSSSSSSS Summarizing 6 Failures: [FAIL] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created [It] the PipelineRun should eventually finish successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:368 [FAIL] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace [It] the PipelineRun should eventually finish successfully for parent component [build-service, renovate, multi-component, forgejo] /tmp/tmp.yuz6csATEt/tests/build/renovate.go:276 [FAIL] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] the PipelineRun should eventually finish successfully for component go-component-htuyve [build-service, github, pac-build, multi-component] /tmp/tmp.yuz6csATEt/tests/build/multi_component.go:161 [FAIL] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] the PipelineRun should eventually finish successfully for child component [build-service, renovate, multi-component, github] /tmp/tmp.yuz6csATEt/tests/build/renovate.go:286 [FAIL] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the component is removed and recreated (with the same name in the same namespace) [It] should no longer lead to a creation of a PaC PR [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.yuz6csATEt/tests/build/pac_build.go:746 [FAIL] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, gitlab] /tmp/tmp.yuz6csATEt/tests/build/renovate.go:427 Ran 100 of 464 Specs in 2158.557 seconds FAIL! -- 94 Passed | 6 Failed | 88 Pending | 276 Skipped Ginkgo ran 1 suite in 38m18.930834006s Test Suite Failed E0417 20:32:52.376683 18038 types.go:186] Failed to execute rule: build-service repo CI Workflow Rule: Execute the full workflow for e2e-tests repo in CI Error: running "ginkgo --seed=1776455667 --timeout=1h30m0s --grace-period=30s --output-interceptor-mode=none --label-filter=build-service --no-color --json-report=e2e-report.json --junit-report=e2e-report.xml --procs=20 --nodes=20 --p --output-dir=/workspace/artifact-dir ./cmd --" failed with exit code 1 make: *** [Makefile:25: ci/test/e2e] Error 1