WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations.
WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation <image uri>'.
Found SBOM of media type: text/spdx+json
Detected base images from amd64 SBOM:
registry.access.redhat.com/ubi8/openjdk-17
registry.access.redhat.com/ubi8/openjdk-17-runtime

Images to be checked:
registry.access.redhat.com/ubi8/openjdk-17
registry.access.redhat.com/ubi8/openjdk-17-runtime

Querying Red Hat Catalog for registry.access.redhat.com/ubi8/openjdk-17.
Running conftest using /project/repository/ policy, required_checks namespace.
[
	{
		"filename": "/tmp/ubi8/openjdk-17/repository_data.json",
		"namespace": "required_checks",
		"successes": 1
	}
]
[SUCCESS] Image registry.access.redhat.com/ubi8/openjdk-17 is valid
Querying Red Hat Catalog for registry.access.redhat.com/ubi8/openjdk-17-runtime.
Running conftest using /project/repository/ policy, required_checks namespace.
[
	{
		"filename": "/tmp/ubi8/openjdk-17-runtime/repository_data.json",
		"namespace": "required_checks",
		"successes": 1
	}
]
[SUCCESS] Image registry.access.redhat.com/ubi8/openjdk-17-runtime is valid
{"result":"SUCCESS","timestamp":"2026-02-16T18:42:01+00:00","note":"Task deprecated-image-check completed: Check result for task result.","namespace":"required_checks","successes":2,"failures":0,"warnings":0}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/group-bgnq/konflux-test-integration-clone-tfpvob:on-pr-afd2df2aa943d5416ff289fe0326041ddc8c657c", "digests": ["sha256:81d54b9afcb78c72147028c7f7c5f253cb2b6364bca9499b9cbf89ace66dc7a7"]}}