running buildah-tssc Step: buildah-tssc Results: /workspace/source/source/results/buildah-tssc Custom root CA variable is not set. Make sure CA trust is established ========Running buildah-tssc:login --- Registry Auth Bypass Active --- ========Running buildah-tssc:build STEP 1/7: FROM registry.access.redhat.com/ubi9/python-312:latest Trying to pull registry.access.redhat.com/ubi9/python-312:latest... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:04033ddaa0d00cff66f7378146dd7863234b488ff14b787612a1a4b07dc9227d Copying blob sha256:1fe4dbeb24e643ae0b97dbb3ac5b85295ddd66e5ef84590f34e8d1d58ade71d1 Copying blob sha256:a3c2e6ce1673e7b6c477fbbd9c851dca206e0064f9b082c5a3ccf3821f8d375f Copying blob sha256:c10adc218268c3b4512563269f3b3371ccc5b76d75a108b1bac21785a58b6f38 Copying config sha256:37bdd0ca8a393ac2cf4671bc9726b2395cc2e9a3b7e349ddd64371bce29d85e0 Writing manifest to image destination Storing signatures STEP 2/7: EXPOSE 8081/tcp STEP 3/7: ENV FLASK_PORT=8081 STEP 4/7: WORKDIR /projects STEP 5/7: COPY . . STEP 6/7: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting blinker==1.9.0 (from -r requirements.txt (line 7)) Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting click==8.3.1 (from -r requirements.txt (line 11)) Downloading click-8.3.1-py3-none-any.whl (108 kB) Collecting Flask==3.1.3 (from -r requirements.txt (line 15)) Downloading flask-3.1.3-py3-none-any.whl (103 kB) Collecting itsdangerous==2.2.0 (from -r requirements.txt (line 19)) Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting jinja2==3.1.6 (from -r requirements.txt (line 23)) Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting MarkupSafe==3.0.3 (from -r requirements.txt (line 27)) Downloading markupsafe-3.0.3-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB) Collecting Werkzeug==3.1.4 (from -r requirements.txt (line 120)) Downloading werkzeug-3.1.4-py3-none-any.whl (224 kB) Installing collected packages: MarkupSafe, itsdangerous, click, blinker, Werkzeug, jinja2, Flask Successfully installed Flask-3.1.3 MarkupSafe-3.0.3 Werkzeug-3.1.4 blinker-1.9.0 click-8.3.1 itsdangerous-2.2.0 jinja2-3.1.6 [notice] A new release of pip is available: 24.2 -> 26.0.1 [notice] To update, run: pip install --upgrade pip STEP 7/7: CMD [ "python", "./app.py" ] COMMIT quay.io/rhtap_qe/e2e-tests-python-oavlrsxg:on-pr-814659b3908c2761b59c2985f483f0c97305f3cd Getting image source signatures Copying blob sha256:7092d0fa8588dc34ba31722e888e8c7e9cfb9f86fcdf7eff1113d22cb3a9925c Copying blob sha256:d1e3d34a1a2c0fa26b306b11ab615a1be8964646f2aa4138edb9ec4ad2ad1a47 Copying blob sha256:ba6bb35903144fc1b0a298e8927a73dcdc1106ba42473b4c990f1260947168d6 Copying blob sha256:0194399e009470c353086eaad6733f717806fac5df6372a07b1ac6b98985fb6e Copying blob sha256:6748183487d7144ed4a7832dbdd102d8132632b3365d3ac6b40897774d0f752c Copying config sha256:d7d9d6c05ea2eeb80f34afb9284ff3b50f1f46907af5d4b2d249d4b441cabc59 Writing manifest to image destination --> d7d9d6c05ea2 Successfully tagged quay.io/rhtap_qe/e2e-tests-python-oavlrsxg:on-pr-814659b3908c2761b59c2985f483f0c97305f3cd d7d9d6c05ea2eeb80f34afb9284ff3b50f1f46907af5d4b2d249d4b441cabc59 Getting image source signatures Copying blob sha256:6748183487d7144ed4a7832dbdd102d8132632b3365d3ac6b40897774d0f752c Copying blob sha256:d1e3d34a1a2c0fa26b306b11ab615a1be8964646f2aa4138edb9ec4ad2ad1a47 Copying blob sha256:0194399e009470c353086eaad6733f717806fac5df6372a07b1ac6b98985fb6e Copying blob sha256:ba6bb35903144fc1b0a298e8927a73dcdc1106ba42473b4c990f1260947168d6 Copying blob sha256:7092d0fa8588dc34ba31722e888e8c7e9cfb9f86fcdf7eff1113d22cb3a9925c Copying config sha256:d7d9d6c05ea2eeb80f34afb9284ff3b50f1f46907af5d4b2d249d4b441cabc59 Writing manifest to image destination sha256:3538f0f6d6154a3385aec46ea847c44a45a0c523ee933eb2e4f6577e7378e02fquay.io/rhtap_qe/e2e-tests-python-oavlrsxg:on-pr-814659b3908c2761b59c2985f483f0c97305f3cdGetting image source signatures Copying blob sha256:6748183487d7144ed4a7832dbdd102d8132632b3365d3ac6b40897774d0f752c Copying blob sha256:ba6bb35903144fc1b0a298e8927a73dcdc1106ba42473b4c990f1260947168d6 Copying blob sha256:7092d0fa8588dc34ba31722e888e8c7e9cfb9f86fcdf7eff1113d22cb3a9925c Copying blob sha256:0194399e009470c353086eaad6733f717806fac5df6372a07b1ac6b98985fb6e Copying blob sha256:d1e3d34a1a2c0fa26b306b11ab615a1be8964646f2aa4138edb9ec4ad2ad1a47 Copying config sha256:d7d9d6c05ea2eeb80f34afb9284ff3b50f1f46907af5d4b2d249d4b441cabc59 Writing manifest to image destination ========Running buildah-tssc:generate-sboms { "bom-ref": "af63bd4c8601b7f1", "type": "file", "name": "e2e-tests-python-oavlrsxg", "version": "814659b3908c2761b59c2985f483f0c97305f3cd" } { "bom-ref": "b8f71522138548cd", "type": "container", "name": "quay.io/rhtap_qe/e2e-tests-python-oavlrsxg:on-pr-814659b3908c2761b59c2985f483f0c97305f3cd", "version": "sha256:3538f0f6d6154a3385aec46ea847c44a45a0c523ee933eb2e4f6577e7378e02f" } ========RUNNING PYTHON ========Running buildah-tssc:upload-sbom There is a discussion in sigstore community triggered by https://github.com/sigstore/cosign/issues/3599. It is likely that cosign attach deprecation will be reverted. Please, ignore deprecation warning for now. WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate /workspace/source/source/results/temp/files/sbom-cyclonedx.json --key '. Uploading SBOM file for [quay.io/rhtap_qe/e2e-tests-python-oavlrsxg:on-pr-814659b3908c2761b59c2985f483f0c97305f3cd] to [quay.io/rhtap_qe/e2e-tests-python-oavlrsxg:sha256-3538f0f6d6154a3385aec46ea847c44a45a0c523ee933eb2e4f6577e7378e02f.sbom] with mediaType [application/vnd.cyclonedx+json]. ========