pod: gl-test-custom-branch-jmbghm-on-pull-request-qp45d-init-pod | init container: prepare 2025/10/24 13:09:38 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-pull-request-qp45d-init-pod | init container: place-scripts 2025/10/24 13:09:40 Decoded script /tekton/scripts/script-0-nvlmh pod: gl-test-custom-branch-jmbghm-on-pull-request-qp45d-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:on-pr-505808c41d5961567a2b79dea6113c3a6f81a565 Determine if Image Already Exists pod: gl-test-custom-branch-jmbghm-on-pull-request-vctv8-init-pod | init container: prepare 2025/10/24 13:12:47 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-pull-request-vctv8-init-pod | init container: place-scripts 2025/10/24 13:12:48 Decoded script /tekton/scripts/script-0-mrdt4 pod: gl-test-custom-branch-jmbghm-on-pull-request-vctv8-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:on-pr-f9f2bed1d480b1bd59f982852b63953b47bedbf6 Determine if Image Already Exists pod: gl-test-custom-branch-jmbghm-on-push-tnndv-apply-tags-pod | init container: prepare 2025/10/24 13:15:57 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-apply-tags-pod | init container: place-scripts 2025/10/24 13:16:00 Decoded script /tekton/scripts/script-0-dctpb 2025/10/24 13:16:00 Decoded script /tekton/scripts/script-1-5lpj4 pod: gl-test-custom-branch-jmbghm-on-push-tnndv-apply-tags-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: gl-test-custom-branch-jmbghm-on-push-tnndv-apply-tags-pod | container step-apply-additional-tags-from-image-label: Applying tag test-tag1 pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | init container: prepare 2025/10/24 13:15:13 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | init container: place-scripts 2025/10/24 13:15:14 Decoded script /tekton/scripts/script-0-8k974 2025/10/24 13:15:14 Decoded script /tekton/scripts/script-1-gpstq 2025/10/24 13:15:14 Decoded script /tekton/scripts/script-2-nr6lx 2025/10/24 13:15:14 Decoded script /tekton/scripts/script-3-kfbhx 2025/10/24 13:15:14 Decoded script /tekton/scripts/script-4-x5v7l pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | init container: working-dir-initializer pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | container step-build: [2025-10-24T13:15:18,255159836+00:00] Validate context path [2025-10-24T13:15:18,258975830+00:00] Update CA trust [2025-10-24T13:15:18,260220177+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-10-24T13:15:20,692115443+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-10-24T13:15:20,701388158+00:00] Prepare system (architecture: x86_64) [2025-10-24T13:15:20,826627766+00:00] Setup prefetched Trying to pull quay.io/jitesoft/nginx:latest... Getting image source signatures Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:2d35ebdb57d9971fea0cac1582aa78935adf8058b2cc32db163c98822e5dfa1b Copying blob sha256:cf4ba836528490bb3adbc7bccc51c4f51193fd8d703e408d6285e33242c2cb27 Copying blob sha256:91137199d2d3038e3d089f2b3eec98443e7838e63df8c25895d61043489a42f3 Copying config sha256:b65a13cb413ade37f56093fb2deb5911f2313f2fc4c3fab25d3ec25957ad7b86 Writing manifest to image destination [2025-10-24T13:15:23,137009318+00:00] Unsetting proxy { "com.jitesoft.app.alpine.version": "3.22.2", "com.jitesoft.app.nginx.version": "1.29.2", "com.jitesoft.build.arch": "amd64", "com.jitesoft.build.platform": "linux/amd64", "com.jitesoft.project.registry.uri": "registry.gitlab.com/jitesoft/dockerfiles/nginx", "com.jitesoft.project.repo.issues": "https://gitlab.com/jitesoft/dockerfiles/nginx/issues", "com.jitesoft.project.repo.type": "git", "com.jitesoft.project.repo.uri": "https://gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.alternative-locations": "oci://index.docker.io/jitesoft/nginx,oci://ghcr.io/jitesoft/nginx,oci://registry.gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.logo-url": "https://jitesoft.com/favicon-96x96.png", "io.artifacthub.package.readme-url": "https://gitlab.com/jitesoft/dockerfiles/nginx/-/raw/master/README.md", "maintainer": "Johannes Tegnér ", "maintainer.org": "Jitesoft", "maintainer.org.uri": "https://jitesoft.com", "org.opencontainers.image.created": "", "org.opencontainers.image.description": "Nginx on Alpine linux", "org.opencontainers.image.source": "https://gitlab.com/konflux-qe/devfile-sample-hello-world", "org.opencontainers.image.vendor": "Jitesoft", "org.opencontainers.image.version": "1.29.2", "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6", "org.opencontainers.image.revision": "049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6", "build-date": "2025-10-24T13:15:20Z", "io.buildah.version": "1.41.4", "konflux.additional-tags": "test-tag1, test-tag2" } [2025-10-24T13:15:23,181199545+00:00] Register sub-man Adding the entitlement to the build [2025-10-24T13:15:23,185588125+00:00] Add secrets [2025-10-24T13:15:23,203947153+00:00] Run buildah build [2025-10-24T13:15:23,205235566+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 --label org.opencontainers.image.revision=049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 --label org.opencontainers.image.source=https://gitlab.com/konflux-qe/devfile-sample-hello-world --label build-date=2025-10-24T13:15:20Z --annotation org.opencontainers.image.revision=049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 --annotation org.opencontainers.image.source=https://gitlab.com/konflux-qe/devfile-sample-hello-world --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.UU8rSg -t quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 . STEP 1/5: FROM quay.io/jitesoft/nginx:latest STEP 2/5: ENV PORT="8080" STEP 3/5: LABEL konflux.additional-tags="test-tag1, test-tag2" STEP 4/5: COPY labels.json /root/buildinfo/labels.json STEP 5/5: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6" "org.opencontainers.image.revision"="049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6" "org.opencontainers.image.source"="https://gitlab.com/konflux-qe/devfile-sample-hello-world" "build-date"="2025-10-24T13:15:20Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 time="2025-10-24T13:15:23Z" level=warning msg="HEALTHCHECK is not supported for OCI image format and will be ignored. Must use `docker` format" --> 0168f73e4319 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 0168f73e431943f5a0958f8275d2b6f0a85cfe7772c4d98c6e8047338f33c0ca [2025-10-24T13:15:24,129588539+00:00] Unsetting proxy [2025-10-24T13:15:24,131313263+00:00] Add metadata Recording base image digests used quay.io/jitesoft/nginx:latest quay.io/jitesoft/nginx:latest@sha256:53aaee92d207b6ddfe428c697514714cbef243711a599f408534665f6da0255c Getting image source signatures Copying blob sha256:467a3c90f120b32233caed42579aa0d45690dd98df12bbc9b5496a29e3841369 Copying blob sha256:256f393e029fa2063d8c93720da36a74a032bed3355a2bc3e313ad12f8bde9d1 Copying blob sha256:1ea51c3f683f33a7148c84d6900dee0d6b2746aec78d13c0d929b8f0ad53cb02 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying blob sha256:f8e7ccd03afcc9d0564cf87f00b053027fa490a67b32d7088092f33362e5c501 Copying config sha256:0168f73e431943f5a0958f8275d2b6f0a85cfe7772c4d98c6e8047338f33c0ca Writing manifest to image destination [2025-10-24T13:15:24,556542837+00:00] End build pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | container step-push: [2025-10-24T13:15:25,406126515+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-10-24T13:15:27,676505040+00:00] Convert image [2025-10-24T13:15:27,677915950+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:gl-test-custom-branch-jmbghm-on-push-tnndv-build-container Executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 docker://quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:gl-test-custom-branch-jmbghm-on-push-tnndv-build-container [2025-10-24T13:15:31,933666051+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 Executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 docker://quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 [2025-10-24T13:15:33,468704461+00:00] End push pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | container step-sbom-syft-generate: [2025-10-24T13:15:33,557781383+00:00] Generate SBOM Running syft on the source directory [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) Running syft on the image [2025-10-24T13:15:36,219163054+00:00] End sbom-syft-generate pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | container step-prepare-sboms: [2025-10-24T13:15:36,708445884+00:00] Prepare SBOM [2025-10-24T13:15:36,713147518+00:00] Generate SBOM with mobster 2025-10-24 13:15:38,013 [INFO] mobster.log: Logging level set to 20 2025-10-24 13:15:38,049 [INFO] mobster.oci: Fetching manifest for quay.io/jitesoft/nginx@sha256:53aaee92d207b6ddfe428c697514714cbef243711a599f408534665f6da0255c 2025-10-24 13:15:41,627 [INFO] mobster.cmd.generate.oci_image.contextual_parent_content: Contextual mechanism won't be used, there is no parent image SBOM. 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND LicenseRef-custom', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-aom-libs-ea5260c6dbe8a3e7', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('LicenseRef-custom', is_exception=False)))) 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-custom. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND LicenseRef-custom', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-aom-libs-ea5260c6dbe8a3e7', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('LicenseRef-custom', is_exception=False)))) 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-AND AND BSD-2-Clause AND BSD-3-Clause AND Beerware AND LicenseRef-Domain AND ISC AND LicenseRef-Public', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-libmd-0387e6ced1ad6904', element_type=, full_element=AND(LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('BSD-2-Clause', aliases=('BSD-2-Clause-NetBSD', 'BSD-2'), is_exception=False), LicenseSymbol('BSD-3-Clause', aliases=('LicenseRef-scancode-libzip',), is_exception=False), LicenseSymbol('Beerware', is_exception=False), LicenseSymbol('LicenseRef-Domain', is_exception=False), LicenseSymbol('ISC', is_exception=False), LicenseSymbol('LicenseRef-Public', is_exception=False)))) 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-AND. license_expression must only use IDs from the license list or extracted licensing info, but is: 0BSD AND LicenseRef-AND AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-xz-libs-bd7a047b03297e4b', element_type=, full_element=AND(LicenseSymbol('0BSD', is_exception=False), LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('GPL-2.0-or-later', aliases=('GPL-2.0+', 'GPL 2.0+'), is_exception=False), LicenseSymbol('LGPL-2.1-or-later', aliases=('LGPL-2.1+',), is_exception=False), LicenseSymbol('LicenseRef-Public-Domain', is_exception=False)))) 2025-10-24 13:15:41,638 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: 0BSD AND LicenseRef-AND AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-apk-xz-libs-bd7a047b03297e4b', element_type=, full_element=AND(LicenseSymbol('0BSD', is_exception=False), LicenseSymbol('LicenseRef-AND', is_exception=False), LicenseSymbol('GPL-2.0-or-later', aliases=('GPL-2.0+', 'GPL 2.0+'), is_exception=False), LicenseSymbol('LGPL-2.1-or-later', aliases=('LGPL-2.1+',), is_exception=False), LicenseSymbol('LicenseRef-Public-Domain', is_exception=False)))) 2025-10-24 13:15:41,647 [INFO] mobster.main: Exiting with code 0. [2025-10-24T13:15:41,717518735+00:00] End prepare-sboms pod: gl-test-custom-branch-jmbghm-on-push-tnndv-build-container-pod | container step-upload-sbom: [2025-10-24T13:15:41,833201493+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349 quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm@sha256:69de12a9c944552b9f3e2cec231173fbce3cc4af714563ba17b91affed22e6b2 [2025-10-24T13:15:44,728573808+00:00] End upload-sbom pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clair-scan-pod | init container: prepare 2025/10/24 13:15:55 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clair-scan-pod | init container: place-scripts 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-0-fr8kr 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-1-mzn4v 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-2-fkx85 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-3-mswch pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349. pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2025-10-24T13:16:05Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"}] 2025-10-24T13:16:05Z INF libvuln initialized component=libvuln/New pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clair-scan-pod | container step-oci-attach-report: Using token for quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349 clair-report-amd64.json:application/vnd.redhat.clair-report+json Selecting auth Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349 pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 10 } ] {"vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6", "digests": ["sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349"]}} {"result":"SUCCESS","timestamp":"2025-10-24T13:16:12+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clamav-scan-pod | init container: prepare 2025/10/24 13:15:55 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clamav-scan-pod | init container: place-scripts 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-0-8x82l 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-1-7zcld pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Extracting image(s). Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 2.339 sec (0 m 2 s) Start Date: 2025:10:24 13:16:21 End Date: 2025:10:24 13:16:23 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27801/Thu Oct 23 09:45:29 2025 Database version: 27801 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1761311783","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1761311783","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1761311783","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6", "digests": ["sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349"]}} pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm Attaching to quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 75f49849f345 clamscan-ec-test-amd64.json Uploading 8250222bac09 clamscan-result-amd64.log Uploaded 75f49849f345 clamscan-ec-test-amd64.json Uploaded 8250222bac09 clamscan-result-amd64.log Uploading 51c19060ea11 application/vnd.oci.image.manifest.v1+json Uploaded 51c19060ea11 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349 Digest: sha256:51c19060ea11b836b5b1345159c69b3ad94713b61c83ed06184b60c3126dad39 pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clone-repository-pod | init container: prepare 2025/10/24 13:14:58 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clone-repository-pod | init container: place-scripts 2025/10/24 13:15:00 Decoded script /tekton/scripts/script-0-947jp 2025/10/24 13:15:00 Decoded script /tekton/scripts/script-1-5bbjt pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1761311702.166116,"caller":"git/git.go:380","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1761311703.4087465,"caller":"git/git.go:217","msg":"Successfully cloned https://gitlab.com/konflux-qe/devfile-sample-hello-world @ 049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1761311703.4090238,"caller":"git/git.go:380","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1761311703.4373558,"caller":"git/git.go:263","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 directly. pod: gl-test-custom-branch-jmbghm-on-push-tnndv-clone-repository-pod | container step-symlink-check: Running symlink check pod: gl-test-custom-branch-jmbghm-on-push-tnndv-init-pod | init container: prepare 2025/10/24 13:14:53 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-init-pod | init container: place-scripts 2025/10/24 13:14:54 Decoded script /tekton/scripts/script-0-2sjkp pod: gl-test-custom-branch-jmbghm-on-push-tnndv-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 Determine if Image Already Exists pod: gl-test-custom-branch-jmbghm-on-push-tnndv-push-dockerfile-pod | init container: prepare 2025/10/24 13:15:59 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-push-dockerfile-pod | init container: place-scripts 2025/10/24 13:16:01 Decoded script /tekton/scripts/script-0-x7kh6 pod: gl-test-custom-branch-jmbghm-on-push-tnndv-push-dockerfile-pod | init container: working-dir-initializer pod: gl-test-custom-branch-jmbghm-on-push-tnndv-push-dockerfile-pod | container step-push: [2025-10-24T13:16:05,890010006+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 Using token for quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.upMO4KF2sW --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:sha256-ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349.dockerfile Dockerfile pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-shell-check-pod | init container: prepare 2025/10/24 13:15:56 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-shell-check-pod | init container: place-scripts 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-0-7z9ck 2025/10/24 13:15:58 Decoded script /tekton/scripts/script-1-z4zsk pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-shell-check-pod | init container: working-dir-initializer pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=gl-test-custom-branch-jmbghm + echo 'INFO: The PROJECT_NAME used is: gl-test-custom-branch-jmbghm' INFO: The PROJECT_NAME used is: gl-test-custom-branch-jmbghm + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-100.json ./shellcheck-results/sc-119.json ./shellcheck-results/sc-130.json ./shellcheck-results/sc-131.json ./shellcheck-results/sc-134.json ./shellcheck-results/sc-86.json ./shellcheck-results/sc-89.json ./shellcheck-results/sc-90.json ./shellcheck-results/sc-94.json ./shellcheck-results/sc-97.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' ShellCheck results have been saved to shellcheck-results.json + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + note='Task sast-shell-check completed successfully.' ++ make_result_json -r SUCCESS -t 'Task sast-shell-check completed successfully.' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-shell-check completed successfully.' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2025-10-24T13:16:05+00:00 --arg result SUCCESS --arg note 'Task sast-shell-check completed successfully.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2025-10-24T13:16:05+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2025-10-24T13:16:05+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2025-10-24T13:16:05+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2025-10-24T13:16:05+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2025-10-24T13:16:05+00:00","note":"Task sast-shell-check completed successfully.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm Attaching to quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-anlg/gl-test-custom-branch-jmbghm:049c6777fe4535e9e44ff6b05be3dc9ce6f2d3d6@sha256:ab434fc72123ae78616f606c2db2d204636ab84c0e4550805aa782d8f64be349 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Exists 3b606a9dd3a1 shellcheck-results.sarif Uploading 00107169cdb4 application/vnd.oci.image.manifest.v1+json pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-snyk-check-pod | init container: prepare 2025/10/24 13:16:11 Entrypoint initialization pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-snyk-check-pod | init container: place-scripts 2025/10/24 13:16:12 Decoded script /tekton/scripts/script-0-sd5wr 2025/10/24 13:16:12 Decoded script /tekton/scripts/script-1-l2pqq pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-snyk-check-pod | init container: working-dir-initializer pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-snyk-check-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: gl-test-custom-branch-jmbghm INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2025-10-24T13:16:17+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gl-test-custom-branch-jmbghm-on-push-tnndv-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload.