{"success": true,"components": [{"name": "","containerImage": "quay.io/redhat-appstudio-qe/test-images@sha256:722b2f7f6f9f0cc8a004adcfbba57adac359bc7aabdcae1b7d4606d287f57798","source": {},"successes": [{"msg": "Pass","metadata": {"code": "builtin.attestation.signature_check","description": "The attestation signature matches available signing materials.","title": "Attestation signature check passed"}},{"msg": "Pass","metadata": {"code": "builtin.attestation.syntax_check","description": "The attestation has correct syntax.","title": "Attestation syntax check passed"}},{"msg": "Pass","metadata": {"code": "builtin.image.signature_check","description": "The image signature matches available signing materials.","title": "Image signature check passed"}},{"msg": "Pass","metadata": {"code": "slsa_provenance_available.allowed_predicate_types_provided","collections": ["minimal","slsa3","redhat","redhat_rpms","policy_data"],"description": "Confirm the `allowed_predicate_types` rule data was provided, since it is required by the policy rules in this package.","title": "Allowed predicate types provided"}},{"msg": "Pass","metadata": {"code": "slsa_provenance_available.attestation_predicate_type_accepted","collections": ["minimal","slsa3","redhat","redhat_rpms"],"depends_on": ["attestation_type.known_attestation_type"],"description": "Verify that the predicateType field of the attestation indicates the in-toto SLSA Provenance format was used to attest the PipelineRun.","title": "Expected attestation predicate type found"}}],"success": true,"signatures": [{"keyid": "","sig": "MEUCIQDAu9IY58PqaeaYl8NzNzrNqDATrxhmCy8UC8hnBG8/KAIgIYk5T76gXW0biWTlrIbtIGpKto/C3BanmQvC7u8oXLc="},{"keyid": "","sig": "MEQCIGtdSNrKg6sLjLhRcPPBBX2Y4fIGg0/EU0NsWKdg8fscAiBQn37F3KnE4EXpTQ+NgZXH/2SKvtpBl6yTOKuKOF49Ew=="},{"keyid": "","sig": "MEYCIQC04G/xDz1OUc6DjO0NB/t3E+9NX50JguZ7zdQxKAk7SAIhAJsa2zgy/y/AEjeWficMdtjYnYjpm7VDpWbpgRsWBpdp"}],"attestations": [{"type": "https://in-toto.io/Statement/v0.1","predicateType": "https://slsa.dev/provenance/v0.2","predicateBuildType": "tekton.dev/v1/PipelineRun","signatures": [{"keyid": "SHA256:kpKQ0VG90JYKhGtIEBAdyd99LG6opzcAOhWOC6YNqeA","sig": "MEUCIQCBPaU+DQQhMzDGXy8hL4XgvBZe7+/uZUPCz2CJKmtsQAIgfShGrPCK92Ux/ghDxlhg1B6i1z6PO9V3YVkZ5x8uKzA="}]}]}],"key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEu2f24nWh1IQeqXhnn2cgRrRG6iu4\n1NjDj7sykHU2Q4h3QX0TOpI6mTxC1Ui568bDWUprIBzfAH//bzVhM9o7Bw==\n-----END PUBLIC KEY-----\n","policy": {"name": "Default","description": "Includes rules for levels 1, 2 & 3 of SLSA v0.1. This is the default config used for new Konflux applications. Source: https://github.com/conforma/config/blob/main/default/policy.yaml","sources": [{"name": "Default","policy": ["oci::quay.io/enterprise-contract/ec-release-policy:konflux@sha256:59c6b95c02295edb7928ef187571d26d426993fd5aae0236a03c832afbd6072a"],"data": ["git::github.com/release-engineering/rhtap-ec-policy//data?ref=67018469815ee9f81e47cfb54dae39d71ed5f389","oci::quay.io/konflux-ci/tekton-catalog/data-acceptable-bundles:latest@sha256:b640a2e8c2f97a50de94ee80b0e904325b61628ab8571e861e3ae657c62879ef","oci::quay.io/konflux-ci/konflux-vanguard/data-acceptable-bundles:latest@sha256:0b31c7bc77a7463a1bc52f3d3625ef0e0e75443da7fd2de8005d7885282138ea","oci::quay.io/konflux-ci/integration-service-catalog/data-acceptable-bundles:latest@sha256:7b00455045ea3873a72caeb1e7ac7d036bd53963a26409891a4cc9d0d242b9fc"],"config": {"include": ["slsa_provenance_available"]}}],"publicKey": "k8s://chains-e2e-wpux/cosign-public-key"},"ec-version": "v0.9.25","effective-time": "2026-05-06T13:31:55.228470869Z"}