pod: test-comp-pac-gitlab-xqsixg-on-pull-request-j7q84-init-pod | init container: prepare 2025/11/09 17:03:17 Entrypoint initialization pod: test-comp-pac-gitlab-xqsixg-on-pull-request-j7q84-init-pod | init container: place-scripts 2025/11/09 17:03:20 Decoded script /tekton/scripts/script-0-pb79k pod: test-comp-pac-gitlab-xqsixg-on-pull-request-j7q84-init-pod | container step-init: Build Initialize: quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 Determine if Image Already Exists pod: test-comp-pac-gitlab-xqsixg2b9a1927fafdfe0b8903e9c0fb5fec7b-pod | init container: prepare 2025/11/09 17:06:10 Entrypoint initialization pod: test-comp-pac-gitlab-xqsixg2b9a1927fafdfe0b8903e9c0fb5fec7b-pod | init container: place-scripts 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-0-s2fdr 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-1-v4zjk pod: test-comp-pac-gitlab-xqsixg2b9a1927fafdfe0b8903e9c0fb5fec7b-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Extracting image(s). Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 14.860 sec (0 m 14 s) Start Date: 2025:11:09 17:07:26 End Date: 2025:11:09 17:07:41 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27816/Fri Nov 7 10:51:16 2025 Database version: 27816 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1762708061","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1762708061","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1762708061","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518", "digests": ["sha256:0e14a7dcb63dc2e7880fdd8c7436cfbed891d50f7e36b9f3e83a74e1fa05c170"]}} pod: test-comp-pac-gitlab-xqsixg2b9a1927fafdfe0b8903e9c0fb5fec7b-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg Attaching to quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518@sha256:0e14a7dcb63dc2e7880fdd8c7436cfbed891d50f7e36b9f3e83a74e1fa05c170 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Uploading 2d0bb5c991b3 clamscan-result-amd64.log Uploading 3fa41e515c15 clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 2d0bb5c991b3 clamscan-result-amd64.log Uploaded 3fa41e515c15 clamscan-ec-test-amd64.json Uploading db48ffb5972f application/vnd.oci.image.manifest.v1+json Uploaded db48ffb5972f application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518@sha256:0e14a7dcb63dc2e7880fdd8c7436cfbed891d50f7e36b9f3e83a74e1fa05c170 Digest: sha256:db48ffb5972f7f6f62bd8197ff34f110d4707fddde9b87aa595b0fed80244f6d pod: test-comp-pac-gitlab-xqsixg2ebbcabc9615022129522af66d519f9b-pod | init container: prepare 2025/11/09 17:06:11 Entrypoint initialization pod: test-comp-pac-gitlab-xqsixg2ebbcabc9615022129522af66d519f9b-pod | init container: place-scripts 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-0-qw9r7 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-1-mckt7 pod: test-comp-pac-gitlab-xqsixg2ebbcabc9615022129522af66d519f9b-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: test-comp-pac-gitlab-xqsixg2ebbcabc9615022129522af66d519f9b-pod | container step-apply-additional-tags-from-image-label: No additional tags specified in the image labels pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | init container: prepare 2025/11/09 17:06:10 Entrypoint initialization pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | init container: place-scripts 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-0-gbzqp 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-1-tnxgc 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-2-zmgw2 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-3-fj48w 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-4-hpw7k 2025/11/09 17:06:18 Decoded script /tekton/scripts/script-5-7qzkj pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... Executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... Executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 Using token for quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg Auth json written to "/auth/auth.json". pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | container step-set-skip-for-bundles: 2025/11/09 17:09:09 INFO Step was skipped due to when expressions were evaluated to false. pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | container step-app-check: time="2025-11-09T17:09:09Z" level=info msg="certification library version" version="1.14.1 " time="2025-11-09T17:09:10Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 for platform amd64" time="2025-11-09T17:09:10Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518" time="2025-11-09T17:09:19Z" level=info msg="check completed" check=HasLicense result=FAILED time="2025-11-09T17:09:19Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2025-11-09T17:09:19Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2025-11-09T17:09:19Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2025-11-09T17:09:19Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2025-11-09T17:09:19Z" level=info msg="USER 185 specified that is non-root" check=RunAsNonRoot time="2025-11-09T17:09:19Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2025-11-09T17:09:26Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2025-11-09T17:09:27Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2025-11-09T17:09:27Z" level=info msg="This image's tag on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518 will be paired with digest sha256:0e14a7dcb63dc2e7880fdd8c7436cfbed891d50f7e36b9f3e83a74e1fa05c170 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." time="2025-11-09T17:09:28Z" level=info msg="Preflight result: FAILED" { "image": "quay.io/redhat-appstudio-qe/gitlab-rep-pccp/test-comp-pac-gitlab-xqsixg:on-pr-7366e6cec2f41786317c71b7c3a25bd28e625518", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.14.1", "commit": "436b6cd740f4144eba59ad1378be00383c7b0269" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 48, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 7368, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 1015, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | container step-app-set-outcome: {"result":"FAILURE","timestamp":"1762708168","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: test-comp-pac-gitlab-xqsixgdcb2572a09f749be67e1acc2010441de-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1762708168","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0}