pod: gh-test-custom-branch-acpckr-on-pull-request-rgwdt-init-pod | init container: prepare 2025/09/11 16:19:47 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-pull-request-rgwdt-init-pod | init container: place-scripts 2025/09/11 16:19:50 Decoded script /tekton/scripts/script-0-gjggm pod: gh-test-custom-branch-acpckr-on-pull-request-rgwdt-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:on-pr-2235d106593e8f2fe68394f57522c9ac7171dedc Determine if Image Already Exists pod: gh-test-custom-branch-acpckr-on-pull-request-sl9ps-init-pod | init container: prepare 2025/09/11 16:25:50 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-pull-request-sl9ps-init-pod | init container: place-scripts 2025/09/11 16:25:50 Decoded script /tekton/scripts/script-0-vljpf pod: gh-test-custom-branch-acpckr-on-pull-request-sl9ps-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:on-pr-71dd0b3a3170f396e19e0ea28abf293452a7b9c5 Determine if Image Already Exists pod: gh-test-custom-branch-acpckr-on-push-4flg6-apply-tags-pod | init container: prepare 2025/09/11 16:34:55 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-apply-tags-pod | init container: place-scripts 2025/09/11 16:35:00 Decoded script /tekton/scripts/script-0-qnnlb 2025/09/11 16:35:00 Decoded script /tekton/scripts/script-1-hh87s pod: gh-test-custom-branch-acpckr-on-push-4flg6-apply-tags-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: gh-test-custom-branch-acpckr-on-push-4flg6-apply-tags-pod | container step-apply-additional-tags-from-image-label: Applying tag test-tag1 Getting image source signatures Copying blob sha256:e8f684eb52c81e81f25af083fcac79f45bb8a957202fbacc0cafb0282addd472 Copying blob sha256:fe07684b16b82247c3539ed86a65ff37a76138ec25d380bd80c869a1a4c73236 Copying blob sha256:f5e9498bd149f33b25865a182c18cf932a88939d03ccb885a883b531d7fa85e2 Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:96dd388748af46d59bfb74a70b4c8b710aa6f49c1dd268be87ccdbe9ff165630 Copying config sha256:cbfef98f4fe611a3c9682109b1234b932d77d588101f786b9ee5054d81c7762e Writing manifest to image destination Applying tag test-tag2 Getting image source signatures Copying blob sha256:f5e9498bd149f33b25865a182c18cf932a88939d03ccb885a883b531d7fa85e2 Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:fe07684b16b82247c3539ed86a65ff37a76138ec25d380bd80c869a1a4c73236 Copying blob sha256:96dd388748af46d59bfb74a70b4c8b710aa6f49c1dd268be87ccdbe9ff165630 Copying blob sha256:e8f684eb52c81e81f25af083fcac79f45bb8a957202fbacc0cafb0282addd472 Copying config sha256:cbfef98f4fe611a3c9682109b1234b932d77d588101f786b9ee5054d81c7762e Writing manifest to image destination pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | init container: prepare 2025/09/11 16:33:54 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | init container: place-scripts 2025/09/11 16:33:55 Decoded script /tekton/scripts/script-0-n9xjg 2025/09/11 16:33:55 Decoded script /tekton/scripts/script-1-vxgkj 2025/09/11 16:33:55 Decoded script /tekton/scripts/script-2-p29dj 2025/09/11 16:33:55 Decoded script /tekton/scripts/script-3-z5ntr 2025/09/11 16:33:55 Decoded script /tekton/scripts/script-4-89sjh pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | init container: working-dir-initializer pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | container step-build: [2025-09-11T16:33:59,510788126+00:00] Validate context path [2025-09-11T16:33:59,513170930+00:00] Update CA trust [2025-09-11T16:33:59,513951342+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-09-11T16:34:00,411229381+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-09-11T16:34:00,418339760+00:00] Prepare system (architecture: x86_64) [2025-09-11T16:34:00,861521765+00:00] Setup prefetched Trying to pull quay.io/jitesoft/nginx:latest... Getting image source signatures Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:fe07684b16b82247c3539ed86a65ff37a76138ec25d380bd80c869a1a4c73236 Copying blob sha256:96dd388748af46d59bfb74a70b4c8b710aa6f49c1dd268be87ccdbe9ff165630 Copying blob sha256:f5e9498bd149f33b25865a182c18cf932a88939d03ccb885a883b531d7fa85e2 Copying config sha256:23b150c53a797c6f429b4ea4577bd7f967a73efda43e2cdfbc384904861ea07a Writing manifest to image destination { "com.jitesoft.app.alpine.version": "3.22.0", "com.jitesoft.app.nginx.version": "1.29.0", "com.jitesoft.build.arch": "amd64", "com.jitesoft.build.platform": "linux/amd64", "com.jitesoft.project.registry.uri": "registry.gitlab.com/jitesoft/dockerfiles/nginx", "com.jitesoft.project.repo.issues": "https://gitlab.com/jitesoft/dockerfiles/nginx/issues", "com.jitesoft.project.repo.type": "git", "com.jitesoft.project.repo.uri": "https://gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.alternative-locations": "oci://index.docker.io/jitesoft/nginx,oci://ghcr.io/jitesoft/nginx,oci://registry.gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.logo-url": "https://jitesoft.com/favicon-96x96.png", "io.artifacthub.package.readme-url": "https://gitlab.com/jitesoft/dockerfiles/nginx/-/raw/master/README.md", "maintainer": "Johannes Tegnér ", "maintainer.org": "Jitesoft", "maintainer.org.uri": "https://jitesoft.com", "org.opencontainers.image.created": "", "org.opencontainers.image.description": "Nginx on Alpine linux", "org.opencontainers.image.source": "https://gitlab.com/jitesoft/dockerfiles/nginx", "org.opencontainers.image.vendor": "Jitesoft", "org.opencontainers.image.version": "1.29.0", "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "10e29b5cb548184afa3b6490429fa46d8462c827", "build-date": "2025-09-11T16:34:00Z", "io.buildah.version": "1.40.1", "konflux.additional-tags": "test-tag1, test-tag2" } [2025-09-11T16:34:03,473960282+00:00] Register sub-man Adding the entitlement to the build [2025-09-11T16:34:03,477113812+00:00] Add secrets [2025-09-11T16:34:03,490633569+00:00] Run buildah build [2025-09-11T16:34:03,491490868+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=10e29b5cb548184afa3b6490429fa46d8462c827 --label build-date=2025-09-11T16:34:00Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.gr5Gi4 -t quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 . STEP 1/5: FROM quay.io/jitesoft/nginx:latest STEP 2/5: ENV PORT="8080" STEP 3/5: LABEL konflux.additional-tags="test-tag1, test-tag2" STEP 4/5: COPY labels.json /root/buildinfo/labels.json STEP 5/5: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="10e29b5cb548184afa3b6490429fa46d8462c827" "build-date"="2025-09-11T16:34:00Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 time="2025-09-11T16:34:04Z" level=warning msg="HEALTHCHECK is not supported for OCI image format and will be ignored. Must use `docker` format" --> cbfef98f4fe6 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 cbfef98f4fe611a3c9682109b1234b932d77d588101f786b9ee5054d81c7762e [2025-09-11T16:34:05,072999589+00:00] Unsetting proxy [2025-09-11T16:34:05,073886632+00:00] Add metadata Recording base image digests used quay.io/jitesoft/nginx:latest quay.io/jitesoft/nginx:latest@sha256:310387a2164947d72242e08503d58e76e79f9ac46a48634ba0b44245ffab9c89 Getting image source signatures Copying blob sha256:80574d57cb3acbe684bc69e857c20cdfab80566b444f74fee654d4651a21da0b Copying blob sha256:482b1bccaa656fdd253a77b42a14981a7e0d4c6cf6f76af6f69010bc50dfe631 Copying blob sha256:dc1286ac0f137358bb3f6dc47c5439ff6513bb97fd3149961f1c8669c8767312 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying blob sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 Copying config sha256:cbfef98f4fe611a3c9682109b1234b932d77d588101f786b9ee5054d81c7762e Writing manifest to image destination [2025-09-11T16:34:05,534784414+00:00] End build pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | container step-push: [2025-09-11T16:34:05,637159877+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-09-11T16:34:06,522894119+00:00] Convert image [2025-09-11T16:34:06,523685145+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:gh-test-custom-branch-acpckr-on-push-4flg6-build-container Executing: buildah push --format=oci --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 docker://quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:gh-test-custom-branch-acpckr-on-push-4flg6-build-container [2025-09-11T16:34:11,429320056+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 Executing: buildah push --format=oci --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 docker://quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bbquay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 [2025-09-11T16:34:12,983694851+00:00] End push pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | container step-sbom-syft-generate: [2025-09-11T16:34:13,804125402+00:00] Generate SBOM Running syft on the source directory [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) Running syft on the image [2025-09-11T16:34:17,016224149+00:00] End sbom-syft-generate pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | container step-prepare-sboms: [2025-09-11T16:34:17,933909694+00:00] Prepare SBOM [2025-09-11T16:34:17,938149312+00:00] Generate SBOM with mobster 2025-09-11 16:34:19,269 [INFO] mobster.log: Logging level set to 20 2025-09-11 16:34:19,328 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND LicenseRef-custom', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-aom-libs-ea5260c6dbe8a3e7', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('LicenseRef-custom', is_exception=False)))) 2025-09-11 16:34:19,329 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-custom. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND LicenseRef-custom', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-aom-libs-ea5260c6dbe8a3e7', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('LicenseRef-custom', is_exception=False)))) 2025-09-11 16:34:19,329 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-09-11 16:34:19,329 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-09-11 16:34:19,329 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-09-11 16:34:19,329 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: 0BSD AND LicenseRef-AND AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-xz-libs-bd7a047b03297e4b', element_type=, full_element=AND(LicenseSymbol('0BSD', is_exception=False), LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('GPL-2.0-or-later', aliases=('GPL-2.0+', 'GPL 2.0+'), is_exception=False), LicenseSymbol('LGPL-2.1-or-later', aliases=('LGPL-2.1+',), is_exception=False), LicenseSymbol('LicenseRef-Public-Domain', is_exception=False)))) 2025-09-11 16:34:19,329 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: 0BSD AND LicenseRef-AND AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-xz-libs-bd7a047b03297e4b', element_type=, full_element=AND(LicenseSymbol('0BSD', is_exception=False), LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('GPL-2.0-or-later', aliases=('GPL-2.0+', 'GPL 2.0+'), is_exception=False), LicenseSymbol('LGPL-2.1-or-later', aliases=('LGPL-2.1+',), is_exception=False), LicenseSymbol('LicenseRef-Public-Domain', is_exception=False)))) 2025-09-11 16:34:19,339 [INFO] mobster.main: Exiting with code 0. [2025-09-11T16:34:19,399777458+00:00] End prepare-sboms pod: gh-test-custom-branch-acpckr-on-push-4flg6-build-container-pod | container step-upload-sbom: [2025-09-11T16:34:20,044242287+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827@sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr@sha256:c9c785ff208bb8d4008af3710a6f2b79034754c94dff1dd66caa3f018a88aa0d [2025-09-11T16:34:23,352873355+00:00] End upload-sbom pod: gh-test-custom-branch-acpckr-on-push-4flg6-clair-scan-pod | init container: prepare 2025/09/11 16:34:46 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-clair-scan-pod | init container: place-scripts 2025/09/11 16:34:51 Decoded script /tekton/scripts/script-0-hntzv 2025/09/11 16:34:51 Decoded script /tekton/scripts/script-1-x9c5b 2025/09/11 16:34:51 Decoded script /tekton/scripts/script-2-l2grz 2025/09/11 16:34:51 Decoded script /tekton/scripts/script-3-c2642 pod: gh-test-custom-branch-acpckr-on-push-4flg6-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr@sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb. pod: gh-test-custom-branch-acpckr-on-push-4flg6-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2025-09-11T16:35:11Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"}] 2025-09-11T16:35:11Z INF libvuln initialized component=libvuln/New pod: gh-test-custom-branch-acpckr-on-push-4flg6-clair-scan-pod | container step-oci-attach-report: pod: gh-test-custom-branch-acpckr-on-push-4flg6-clair-scan-pod | container step-conftest-vulnerabilities: pod: gh-test-custom-branch-acpckr-on-push-4flg6-clamav-scan-pod | init container: prepare 2025/09/11 16:34:49 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-clamav-scan-pod | init container: place-scripts 2025/09/11 16:34:54 Decoded script /tekton/scripts/script-0-gz9sx 2025/09/11 16:34:54 Decoded script /tekton/scripts/script-1-xl7s5 pod: gh-test-custom-branch-acpckr-on-push-4flg6-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Extracting image(s). Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 2.584 sec (0 m 2 s) Start Date: 2025:09:11 16:35:23 End Date: 2025:09:11 16:35:26 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27759/Wed Sep 10 08:27:04 2025 Database version: 27759 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1757608526","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1757608526","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1757608526","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827", "digests": ["sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb"]}} pod: gh-test-custom-branch-acpckr-on-push-4flg6-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr Attaching to quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 Executing (attempt 1): $ oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827@sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Uploading 0428e98ede63 clamscan-ec-test-amd64.json Uploading cb909efde171 clamscan-result-amd64.log Uploaded 0428e98ede63 clamscan-ec-test-amd64.json Uploaded cb909efde171 clamscan-result-amd64.log Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827@sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb Digest: sha256:794827769284287a71362412df98fd0314ca6a8d58b955723f250619beecc13a pod: gh-test-custom-branch-acpckr-on-push-4flg6-clone-repository-pod | init container: prepare 2025/09/11 16:33:26 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-clone-repository-pod | init container: place-scripts 2025/09/11 16:33:28 Decoded script /tekton/scripts/script-0-rsp62 2025/09/11 16:33:28 Decoded script /tekton/scripts/script-1-vmd4h pod: gh-test-custom-branch-acpckr-on-push-4flg6-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1757608412.980387,"caller":"git/git.go:200","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-hello-world @ 10e29b5cb548184afa3b6490429fa46d8462c827 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1757608413.006147,"caller":"git/git.go:239","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 10e29b5cb548184afa3b6490429fa46d8462c827 directly. pod: gh-test-custom-branch-acpckr-on-push-4flg6-clone-repository-pod | container step-symlink-check: Running symlink check pod: gh-test-custom-branch-acpckr-on-push-4flg6-init-pod | init container: prepare 2025/09/11 16:33:06 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-init-pod | init container: place-scripts 2025/09/11 16:33:08 Decoded script /tekton/scripts/script-0-57gc6 pod: gh-test-custom-branch-acpckr-on-push-4flg6-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 Determine if Image Already Exists pod: gh-test-custom-branch-acpckr-on-push-4flg6-push-dockerfile-pod | init container: prepare 2025/09/11 16:34:56 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-push-dockerfile-pod | init container: place-scripts 2025/09/11 16:35:01 Decoded script /tekton/scripts/script-0-zljp9 pod: gh-test-custom-branch-acpckr-on-push-4flg6-push-dockerfile-pod | init container: working-dir-initializer pod: gh-test-custom-branch-acpckr-on-push-4flg6-push-dockerfile-pod | container step-push: [2025-09-11T16:35:22,848011477+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 Using token for quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.vaNm43WoYn --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:sha256-cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb.dockerfile Dockerfile pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-shell-check-pod | init container: prepare 2025/09/11 16:34:53 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-shell-check-pod | init container: place-scripts 2025/09/11 16:34:59 Decoded script /tekton/scripts/script-0-5cbzg 2025/09/11 16:34:59 Decoded script /tekton/scripts/script-1-rmqkc pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-shell-check-pod | init container: working-dir-initializer pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=gh-test-custom-branch-acpckr + echo 'The PROJECT_NAME used is: gh-test-custom-branch-acpckr' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt The PROJECT_NAME used is: gh-test-custom-branch-acpckr + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-100.json ./shellcheck-results/sc-103.json ./shellcheck-results/sc-124.json ./shellcheck-results/sc-136.json ./shellcheck-results/sc-138.json ./shellcheck-results/sc-140.json ./shellcheck-results/sc-91.json ./shellcheck-results/sc-94.json ./shellcheck-results/sc-95.json ./shellcheck-results/sc-97.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + echo -n 'Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + echo 'Setting KFP_GIT_URL to empty string' + KFP_GIT_URL= Probing https://gitlab.cee.redhat.com/osh/known-false-positives... Setting KFP_GIT_URL to empty string + '[' -n '' ']' + echo 'KFP_GIT_URL is not set. Skipping false positive filtering.' + echo 'ShellCheck results have been saved to shellcheck-results.json' KFP_GIT_URL is not set. Skipping false positive filtering. ShellCheck results have been saved to shellcheck-results.json + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + note='Task sast-shell-check completed successfully.' ++ make_result_json -r SUCCESS -t 'Task sast-shell-check completed successfully.' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-shell-check completed successfully.' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-09-11T16:35:26+00:00 --arg result SUCCESS --arg note 'Task sast-shell-check completed successfully.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-09-11T16:35:26+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-09-11T16:35:26+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-09-11T16:35:26+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-09-11T16:35:26+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-09-11T16:35:26+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr Attaching to quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827@sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb shellcheck-results.sarif:application/sarif+json Exists 3b606a9dd3a1 shellcheck-results.sarif Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827@sha256:cebf4224d03754ca619e775b947e4a6459de499359118d13b4baf5ffa40515bb Digest: sha256:ceeea9aa98acd13bafbc2ede5a884272f5562cc05026588b0e85b2ac70fd770a No excluded-findings.json exists. Skipping upload. pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-snyk-check-pod | init container: prepare 2025/09/11 16:34:49 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-snyk-check-pod | init container: place-scripts 2025/09/11 16:34:53 Decoded script /tekton/scripts/script-0-f8wpc 2025/09/11 16:34:53 Decoded script /tekton/scripts/script-1-526lp pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-snyk-check-pod | init container: working-dir-initializer pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-snyk-check-pod | container step-sast-snyk-check: pod: gh-test-custom-branch-acpckr-on-push-4flg6-sast-snyk-check-pod | container step-upload: pod: gh-test-custom-branch-acpckr-on-push-4flg6-show-summary-pod | init container: prepare 2025/09/11 16:35:40 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-4flg6-show-summary-pod | init container: place-scripts 2025/09/11 16:35:42 Decoded script /tekton/scripts/script-0-dj6k4 pod: gh-test-custom-branch-acpckr-on-push-4flg6-show-summary-pod | container step-appstudio-summary: Build Summary: Build repository: https://github.com/redhat-appstudio-qe/devfile-sample-hello-world?rev=10e29b5cb548184afa3b6490429fa46d8462c827 Generated Image is in : quay.io/redhat-appstudio-qe/build-e2e-ofln/gh-test-custom-branch-acpckr:10e29b5cb548184afa3b6490429fa46d8462c827 End Summary pod: gh-test-custom-branch-acpckr-on-push-xdkss-show-summary-pod | init container: prepare 2025/09/11 16:31:13 Entrypoint initialization pod: gh-test-custom-branch-acpckr-on-push-xdkss-show-summary-pod | init container: place-scripts 2025/09/11 16:31:15 Decoded script /tekton/scripts/script-0-msx9p pod: gh-test-custom-branch-acpckr-on-push-xdkss-show-summary-pod | container step-appstudio-summary: Build Summary: Build repository: https://github.com/redhat-appstudio-qe/devfile-sample-hello-world?rev=948925faa02592de216c57094fd4f66e2fa2eeb7 End Summary