pod: go-component-hynotq-on-pull-request-l8fxb-apply-tags-pod | init container: prepare 2025/12/24 10:02:43 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-apply-tags-pod | init container: place-scripts 2025/12/24 10:02:44 Decoded script /tekton/scripts/script-0-dxwhj 2025/12/24 10:02:44 Decoded script /tekton/scripts/script-1-6tmp7 pod: go-component-hynotq-on-pull-request-l8fxb-apply-tags-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: go-component-hynotq-on-pull-request-l8fxb-apply-tags-pod | container step-apply-additional-tags-from-image-label: No additional tags specified in the image labels pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | init container: prepare 2025/12/24 09:59:01 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | init container: place-scripts 2025/12/24 09:59:02 Decoded script /tekton/scripts/script-0-q99h2 2025/12/24 09:59:02 Decoded script /tekton/scripts/script-1-jm5jh 2025/12/24 09:59:02 Decoded script /tekton/scripts/script-2-695d7 2025/12/24 09:59:02 Decoded script /tekton/scripts/script-3-85z5f 2025/12/24 09:59:02 Decoded script /tekton/scripts/script-4-7pwfj pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | init container: working-dir-initializer pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | container step-build: [2025-12-24T10:00:35,030172596+00:00] Validate context path [2025-12-24T10:00:35,033951259+00:00] Update CA trust [2025-12-24T10:00:35,035120232+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-12-24T10:00:37,381848000+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-12-24T10:00:37,390033169+00:00] Prepare system (architecture: x86_64) [2025-12-24T10:00:37,508541716+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4 Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3 Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83 Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09 Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301 Writing manifest to image destination Storing signatures [2025-12-24T10:00:57,194924501+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2025-12-24T10:00:37Z", "com.redhat.component": "go-toolset-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "distribution-scope": "public", "io.buildah.version": "1.41.4", "io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.", "io.k8s.display-name": "Go 1.18.9", "io.openshift.expose-services": "", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,golang,golang118,rh-golang118,go", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "Red Hat, Inc.", "name": "rhel9/go-toolset", "release": "14", "summary": "Platform for building and running Go Applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14", "vcs-ref": "99556c19fec4e37422d2b3a13d14d85d659957a0", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.18.9", "org.opencontainers.image.revision": "99556c19fec4e37422d2b3a13d14d85d659957a0", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2025-12-24T10:00:37Z" } [2025-12-24T10:00:57,243126121+00:00] Register sub-man Adding the entitlement to the build [2025-12-24T10:00:57,246825392+00:00] Add secrets [2025-12-24T10:00:57,263767725+00:00] Run buildah build [2025-12-24T10:00:57,265016487+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=99556c19fec4e37422d2b3a13d14d85d659957a0 --label org.opencontainers.image.revision=99556c19fec4e37422d2b3a13d14d85d659957a0 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2025-12-24T10:00:37Z --label org.opencontainers.image.created=2025-12-24T10:00:37Z --annotation org.opencontainers.image.revision=99556c19fec4e37422d2b3a13d14d85d659957a0 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2025-12-24T10:00:37Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.PNj2he -t quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 . STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 STEP 2/10: COPY . . STEP 3/10: RUN go mod download go: no module dependencies to download STEP 4/10: RUN go build -o ./main STEP 5/10: ENV PORT 8081 STEP 6/10: EXPOSE 8081 STEP 7/10: CMD [ "./main" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="99556c19fec4e37422d2b3a13d14d85d659957a0" "org.opencontainers.image.revision"="99556c19fec4e37422d2b3a13d14d85d659957a0" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2025-12-24T10:00:37Z" "org.opencontainers.image.created"="2025-12-24T10:00:37Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 --> 701177d3b13a Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 701177d3b13a7d9871b59d905a5afa68014228b49e816ffec1e854ce8e61be95 [2025-12-24T10:00:59,986534324+00:00] Unsetting proxy [2025-12-24T10:00:59,987900414+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 Getting image source signatures Copying blob sha256:05517ab934ee8397e547a32028fab4d599134e606742e908c81ccb3beec0e7b3 Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22 Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49 Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3 Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5 Copying config sha256:701177d3b13a7d9871b59d905a5afa68014228b49e816ffec1e854ce8e61be95 Writing manifest to image destination [2025-12-24T10:01:09,262373075+00:00] End build pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | container step-push: [2025-12-24T10:01:10,170847385+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-12-24T10:01:12,484081703+00:00] Convert image [2025-12-24T10:01:12,485245632+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:go-component-hynotq-on-pull-request-l8fxb-build-container Executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 docker://quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:go-component-hynotq-on-pull-request-l8fxb-build-container [2025-12-24T10:01:27,513170987+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 docker://quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 [2025-12-24T10:01:28,973198819+00:00] End push pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | container step-sbom-syft-generate: [2025-12-24T10:01:29,323269761+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2025-12-24T10:01:50,137312491+00:00] End sbom-syft-generate pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | container step-prepare-sboms: [2025-12-24T10:01:50,988551813+00:00] Prepare SBOM [2025-12-24T10:01:50,992972693+00:00] Generate SBOM with mobster Skipping SBOM validation 2025-12-24 10:01:55,901 [INFO] mobster.log: Logging level set to 20 2025-12-24 10:01:56,360 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/go-toolset@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51 2025-12-24 10:02:01,809 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2025-12-24 10:02:01,810 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2025-12-24 10:02:01,812 [INFO] mobster.log: Contextual workflow completed in 5.56s 2025-12-24 10:02:01,957 [INFO] mobster.main: Exiting with code 0. [2025-12-24T10:02:02,048083653+00:00] End prepare-sboms pod: go-component-hynotq-on-pull-request-l8fxb-build-container-pod | container step-upload-sbom: [2025-12-24T10:02:02,253560749+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq@sha256:ee3cb1134195783636edba6085a28c0c737ad444583ab9bf412e8c1cc8507f37 [2025-12-24T10:02:06,177214459+00:00] End upload-sbom pod: go-component-hynotq-on-pull-request-l8fxb-build-image-index-pod | init container: prepare 2025/12/24 10:02:16 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-build-image-index-pod | init container: place-scripts 2025/12/24 10:02:17 Decoded script /tekton/scripts/script-0-qbbbt 2025/12/24 10:02:17 Decoded script /tekton/scripts/script-1-6mdc5 2025/12/24 10:02:17 Decoded script /tekton/scripts/script-2-82q9j pod: go-component-hynotq-on-pull-request-l8fxb-build-image-index-pod | container step-build: [2025-12-24T10:02:19,299857717+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' 2a1c5b76b2f59ad778998f0e40606e222fad6d3fb04f038ee8dd8e6acb2a201f Skipping image index generation. Returning results for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1. pod: go-component-hynotq-on-pull-request-l8fxb-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: go-component-hynotq-on-pull-request-l8fxb-build-image-index-pod | container step-upload-sbom: [2025-12-24T10:02:22,595935961+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: go-component-hynotq-on-pull-request-l8fxb-clamav-scan-pod | init container: prepare 2025/12/24 10:02:26 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-clamav-scan-pod | init container: place-scripts 2025/12/24 10:02:27 Decoded script /tekton/scripts/script-0-c6ppn 2025/12/24 10:02:27 Decoded script /tekton/scripts/script-1-vhtw7 pod: go-component-hynotq-on-pull-request-l8fxb-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days! *** LibClamAV Warning: *** Please update it as soon as possible. *** LibClamAV Warning: ************************************************** clamd is ready! Extracting image(s). Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 33.086 sec (0 m 33 s) Start Date: 2025:12:24 10:07:08 End Date: 2025:12:24 10:07:41 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27847/Thu Dec 11 09:25:06 2025 Database version: 27847 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1766570861","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1766570861","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1766570861","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0", "digests": ["sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1"]}} pod: go-component-hynotq-on-pull-request-l8fxb-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq Attaching to quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Uploading 43028d2fc36c clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading c57e1fe4c89e clamscan-result-amd64.log Uploaded 43028d2fc36c clamscan-ec-test-amd64.json Uploaded c57e1fe4c89e clamscan-result-amd64.log Uploading 22b5e8b4e5a6 application/vnd.oci.image.manifest.v1+json Uploaded 22b5e8b4e5a6 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 Digest: sha256:22b5e8b4e5a61d7354546886a9ae1abe48d86bb3d6f127317f92dbee6525537f pod: go-component-hynotq-on-pull-request-l8fxb-clone-repository-pod | init container: prepare 2025/12/24 09:58:15 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-clone-repository-pod | init container: place-scripts 2025/12/24 09:58:17 Decoded script /tekton/scripts/script-0-k5f6n 2025/12/24 09:58:17 Decoded script /tekton/scripts/script-1-zsfkn pod: go-component-hynotq-on-pull-request-l8fxb-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1766570304.1758652,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1766570304.6537201,"caller":"git/git.go:218","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 99556c19fec4e37422d2b3a13d14d85d659957a0 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1766570304.6537752,"caller":"git/git.go:384","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1766570304.6799843,"caller":"git/git.go:267","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 99556c19fec4e37422d2b3a13d14d85d659957a0 directly. pod: go-component-hynotq-on-pull-request-l8fxb-clone-repository-pod | container step-symlink-check: Running symlink check pod: go-component-hynotq-on-pull-request-l8fxb-init-pod | init container: prepare 2025/12/24 09:57:48 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-init-pod | init container: place-scripts 2025/12/24 09:57:49 Decoded script /tekton/scripts/script-0-hcksc pod: go-component-hynotq-on-pull-request-l8fxb-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Determine if Image Already Exists Fetching cluster-config from konflux-info namespace... Warning: Failed to fetch cluster-config ConfigMap. Proceeding with defaults. Cache proxy disabled (cluster-enabled: true, task-enable: false) Setting HTTP_PROXY to Setting NO_PROXY to pod: go-component-hynotq-on-pull-request-l8fxb-push-dockerfile-pod | init container: prepare 2025/12/24 10:02:39 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-push-dockerfile-pod | init container: place-scripts 2025/12/24 10:02:40 Decoded script /tekton/scripts/script-0-4pk7f pod: go-component-hynotq-on-pull-request-l8fxb-push-dockerfile-pod | init container: working-dir-initializer pod: go-component-hynotq-on-pull-request-l8fxb-push-dockerfile-pod | container step-push: [2025-12-24T10:05:15,718463617+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Using token for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.afCRWel3X5 --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:sha256-8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1.dockerfile Dockerfile pod: go-component-hynotq-on-pull-request-l8fxb-sast-shell-check-pod | init container: prepare 2025/12/24 10:02:33 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-sast-shell-check-pod | init container: place-scripts 2025/12/24 10:02:34 Decoded script /tekton/scripts/script-0-qgct6 2025/12/24 10:02:34 Decoded script /tekton/scripts/script-1-htf9f pod: go-component-hynotq-on-pull-request-l8fxb-sast-shell-check-pod | init container: working-dir-initializer pod: go-component-hynotq-on-pull-request-l8fxb-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=go-component-hynotq + echo 'INFO: The PROJECT_NAME used is: go-component-hynotq' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors INFO: The PROJECT_NAME used is: go-component-hynotq INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-101.json ./shellcheck-results/sc-122.json ./shellcheck-results/sc-135.json ./shellcheck-results/sc-136.json ./shellcheck-results/sc-138.json ./shellcheck-results/sc-89.json ./shellcheck-results/sc-92.json ./shellcheck-results/sc-93.json ./shellcheck-results/sc-95.json ./shellcheck-results/sc-98.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + note='Task sast-shell-check completed successfully.' ++ make_result_json -r SUCCESS -t 'Task sast-shell-check completed successfully.' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-shell-check completed successfully.' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-12-24T10:05:14+00:00 --arg result SUCCESS --arg note 'Task sast-shell-check completed successfully.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-24T10:05:14+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-12-24T10:05:14+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-24T10:05:14+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-12-24T10:05:14+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-12-24T10:05:14+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: go-component-hynotq-on-pull-request-l8fxb-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq Attaching to quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Uploading 3b606a9dd3a1 shellcheck-results.sarif Uploading 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 45ef1adc60e3 application/vnd.oci.image.manifest.v1+json Uploaded 45ef1adc60e3 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 Digest: sha256:45ef1adc60e36b5643cbc9ef1d1c193389b4c4ddc942f9e2e6cbdec1211d0127 No excluded-findings.json exists. Skipping upload. pod: go-component-hynotq-on-pull-request-l8fxb-sast-snyk-check-pod | init container: prepare 2025/12/24 10:02:25 Entrypoint initialization pod: go-component-hynotq-on-pull-request-l8fxb-sast-snyk-check-pod | init container: place-scripts 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-0-khxk9 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-1-x44wd pod: go-component-hynotq-on-pull-request-l8fxb-sast-snyk-check-pod | init container: working-dir-initializer pod: go-component-hynotq-on-pull-request-l8fxb-sast-snyk-check-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: go-component-hynotq INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2025-12-24T10:04:43+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: go-component-hynotq-on-pull-request-l8fxb-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: go-component-hynotq-on-pull1687364f6ed36b4fbcdd36c4785022c8-pod | init container: prepare 2025/12/24 10:02:40 Entrypoint initialization pod: go-component-hynotq-on-pull1687364f6ed36b4fbcdd36c4785022c8-pod | init container: place-scripts 2025/12/24 10:02:41 Decoded script /tekton/scripts/script-0-4vts2 2025/12/24 10:02:41 Decoded script /tekton/scripts/script-1-sgndn pod: go-component-hynotq-on-pull1687364f6ed36b4fbcdd36c4785022c8-pod | container step-rpms-signature-scan: + set -o pipefail + rpm_verifier --image-url quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 --image-digest sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 --workdir /tmp Image: quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 No unsigned RPMs found {'keys': {'199e2f91fd431d51': 419, 'unsigned': 0}} ==================================== Final results: {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} Images processed: {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0", "digests": ["sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1"]}} pod: go-component-hynotq-on-pull1687364f6ed36b4fbcdd36c4785022c8-pod | container step-output-results: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index ++ cat /tmp/status + status=SUCCESS ++ cat /tmp/results + rpms_data='{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' ++ cat /tmp/images_processed + images_processed='{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0", "digests": ["sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1"]}}' + '[' SUCCESS == ERROR ']' + note='Task rpms-signature-scan completed successfully' ++ make_result_json -r SUCCESS -t 'Task rpms-signature-scan completed successfully' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task rpms-signature-scan completed successfully' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-12-24T10:05:56+00:00 --arg result SUCCESS --arg note 'Task rpms-signature-scan completed successfully' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-24T10:05:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-12-24T10:05:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-24T10:05:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-12-24T10:05:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-12-24T10:05:56+00:00","note":"Task rpms-signature-scan completed successfully","namespace":"default","successes":0,"failures":0,"warnings":0} + echo '{"keys": {"199e2f91fd431d51": 419, "unsigned": 0}}' + tee /tekton/results/RPMS_DATA {"keys": {"199e2f91fd431d51": 419, "unsigned": 0}} + echo '{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0", "digests": ["sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1"]}}' + tee /tekton/results/IMAGES_PROCESSED {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0", "digests": ["sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1"]}} pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | init container: prepare 2025/12/24 10:02:25 Entrypoint initialization pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | init container: place-scripts 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-0-g7sjf 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-1-7x7kq 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-2-mph4m 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-3-4275b 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-4-tc68m 2025/12/24 10:02:26 Decoded script /tekton/scripts/script-5-fbn9b pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... Executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... Executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Using token for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq Auth json written to "/auth/auth.json". pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | container step-set-skip-for-bundles: 2025/12/24 10:07:39 INFO Step was skipped due to when expressions were evaluated to false. pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | container step-app-check: time="2025-12-24T10:07:39Z" level=info msg="certification library version" version="1.15.2 " time="2025-12-24T10:07:40Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 for platform amd64" time="2025-12-24T10:07:40Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0" time="2025-12-24T10:08:10Z" level=info msg="check completed" check=HasLicense result=FAILED time="2025-12-24T10:08:10Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2025-12-24T10:08:10Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2025-12-24T10:08:10Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2025-12-24T10:08:10Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2025-12-24T10:08:10Z" level=info msg="USER 1001 specified that is non-root" check=RunAsNonRoot time="2025-12-24T10:08:10Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2025-12-24T10:08:38Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2025-12-24T10:08:38Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2025-12-24T10:08:38Z" level=info msg="This image's tag on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 will be paired with digest sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { time="2025-12-24T10:08:39Z" level=info msg="Preflight result: FAILED" "image": "quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.15.2", "commit": "6ee1ef78b1e65bdb3042588f9f0b7a4406333209" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 125, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 27830, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 713, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | container step-app-set-outcome: {"result":"FAILURE","timestamp":"1766570920","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: go-component-hynotq-on-pull6a99686dbafdb9b9019a538edcae72e6-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1766570920","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: go-component-hynotq-on-pullb5a6e1527f863eb64ae1ed9b05a48d87-pod | init container: prepare 2025/12/24 10:02:33 Entrypoint initialization pod: go-component-hynotq-on-pullb5a6e1527f863eb64ae1ed9b05a48d87-pod | init container: place-scripts 2025/12/24 10:02:34 Decoded script /tekton/scripts/script-0-rznf9 2025/12/24 10:02:34 Decoded script /tekton/scripts/script-1-5plsg pod: go-component-hynotq-on-pullb5a6e1527f863eb64ae1ed9b05a48d87-pod | init container: working-dir-initializer pod: go-component-hynotq-on-pullb5a6e1527f863eb64ae1ed9b05a48d87-pod | container step-sast-unicode-check: + . /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=go-component-hynotq + echo 'INFO: The PROJECT_NAME used is: go-component-hynotq' INFO: The PROJECT_NAME used is: go-component-hynotq + SCAN_PROP= + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ echo https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 ++ awk -F# '{print $1}' + GIT_URL=https://github.com/siddhesh/find-unicode-control.git ++ echo https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 ++ awk -F# '{print $2}' + REV=c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + git clone https://github.com/siddhesh/find-unicode-control.git find-unicode-control Cloning into 'find-unicode-control'... + [[ -n c2accbfbba7553a8bc1ebd97089ae08ad8347e58 ]] + git -C ./find-unicode-control/ checkout c2accbfbba7553a8bc1ebd97089ae08ad8347e58 Note: switching to 'c2accbfbba7553a8bc1ebd97089ae08ad8347e58'. You are in 'detached HEAD' state. You can look around, make experimental changes and commit them, and you can discard any commits you make in this state without impacting any branches by switching back to a branch. If you want to create a new branch to retain commits you create, you may do so (now or later) by using -c with the switch command. Example: git switch -c Or undo this operation with: git switch - Turn off this advice by setting config variable advice.detachedHead to false HEAD is now at c2accbf Add minimal pyproject.toml to enable pip install + SCAN_PROP=find-unicode-control-git-url:https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + FUC_EXIT_CODE=0 + LANG=en_US.utf8 + ./find-unicode-control/find_unicode_control.py -p bidi -v -d -t /workspace/workspace/source + [[ 0 -ne 0 ]] + sed -i raw_sast_unicode_check_out.txt -E -e 's|(.*:[0-9]+)(.*)|\1: warning:\2|' -e 's|^|Error: UNICONTROL_WARNING:\n|' + CSGERP_OPTS=(--mode=json --remove-duplicates --embed-context=3 --set-scan-prop="${SCAN_PROP}" --strip-path-prefix="${SOURCE_CODE_DIR}"/source/) + csgrep --mode=json --remove-duplicates --embed-context=3 --set-scan-prop=find-unicode-control-git-url:https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 --strip-path-prefix=/workspace/workspace/source/ raw_sast_unicode_check_out.txt + csgrep --mode=evtstat processed_sast_unicode_check_out.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + mv processed_sast_unicode_check_out.json sast_unicode_check_out.json + csgrep --mode=sarif sast_unicode_check_out.json + [[ 0 -eq 0 ]] + note='Task sast-unicode-check success: No finding was detected' ++ make_result_json -r SUCCESS -t 'Task sast-unicode-check success: No finding was detected' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-unicode-check success: No finding was detected' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-12-24T10:05:13+00:00 --arg result SUCCESS --arg note 'Task sast-unicode-check success: No finding was detected' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-24T10:05:13+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-12-24T10:05:13+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + ERROR_OUTPUT='{"result":"SUCCESS","timestamp":"2025-12-24T10:05:13+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-12-24T10:05:13+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-12-24T10:05:13+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: go-component-hynotq-on-pullb5a6e1527f863eb64ae1ed9b05a48d87-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq Attaching to quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 sast_unicode_check_out.sarif:application/sarif+json Preparing sast_unicode_check_out.sarif Uploading 44136fa355b3 application/vnd.oci.empty.v1+json Uploading ee05835e28d3 sast_unicode_check_out.sarif Uploaded ee05835e28d3 sast_unicode_check_out.sarif Uploaded 44136fa355b3 application/vnd.oci.empty.v1+json Uploading d285bab24f6f application/vnd.oci.image.manifest.v1+json Uploaded d285bab24f6f application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-ehoz/go-component-hynotq:on-pr-99556c19fec4e37422d2b3a13d14d85d659957a0@sha256:8b7983a570e2a75a3ef46abbba765547e4a43c93fc5ddc20dd160be7df3f40c1 Digest: sha256:d285bab24f6f942546b15ded9e40f0eea3e9faabcc2b3190cfbacccb1cf491cc No excluded-findings.json exists. Skipping upload. pod: go-component-hynotq-on-pullf66781f753b4e6c83995ec58cbb76a60-pod | init container: prepare 2025/12/24 09:58:30 Entrypoint initialization pod: go-component-hynotq-on-pullf66781f753b4e6c83995ec58cbb76a60-pod | init container: place-scripts 2025/12/24 09:58:31 Decoded script /tekton/scripts/script-0-vssg6 2025/12/24 09:58:31 Decoded script /tekton/scripts/script-1-hfqwg pod: go-component-hynotq-on-pullf66781f753b4e6c83995ec58cbb76a60-pod | container step-sanitize-config-file-with-yq: pod: go-component-hynotq-on-pullf66781f753b4e6c83995ec58cbb76a60-pod | container step-prefetch-dependencies: No prefetch will be performed because no input was provided