running buildah-tssc Step: buildah-tssc Results: /workspace/source/source/results/buildah-tssc Custom root CA variable is not set. Make sure CA trust is established ========Running buildah-tssc:login --- Registry Auth Bypass Active --- ========Running buildah-tssc:build STEP 1/7: FROM registry.access.redhat.com/ubi9/python-312:latest Trying to pull registry.access.redhat.com/ubi9/python-312:latest... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:41604cc3b4ac47a9024c517f364407bcfb68215072c3992d8ace9b322d8ae959 Copying blob sha256:2cd37bfa55522989640b93952edcb17a717454b3735b59e5644987d179dde040 Copying blob sha256:f7db5374f6e675b6041777681d128e77efce1fcc80ba77316c708b1ff3667045 Copying blob sha256:e2ab12080d2c73d93703e255294036cabb5b94165f58db334c348dd8513e9a1d Copying config sha256:a32d67e3c6e3b32e4cb50cc7a60b9e8ab3829ad32b5e795641e1c69aefdb3dd1 Writing manifest to image destination Storing signatures STEP 2/7: EXPOSE 8081/tcp STEP 3/7: ENV FLASK_PORT=8081 STEP 4/7: WORKDIR /projects STEP 5/7: COPY . . STEP 6/7: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting blinker==1.9.0 (from -r requirements.txt (line 7)) Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting click==8.3.1 (from -r requirements.txt (line 11)) Downloading click-8.3.1-py3-none-any.whl (108 kB) Collecting Flask==3.1.3 (from -r requirements.txt (line 15)) Downloading flask-3.1.3-py3-none-any.whl (103 kB) Collecting itsdangerous==2.2.0 (from -r requirements.txt (line 19)) Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting jinja2==3.1.6 (from -r requirements.txt (line 23)) Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting MarkupSafe==3.0.3 (from -r requirements.txt (line 27)) Downloading markupsafe-3.0.3-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB) Collecting Werkzeug==3.1.4 (from -r requirements.txt (line 120)) Downloading werkzeug-3.1.4-py3-none-any.whl (224 kB) Installing collected packages: MarkupSafe, itsdangerous, click, blinker, Werkzeug, jinja2, Flask Successfully installed Flask-3.1.3 MarkupSafe-3.0.3 Werkzeug-3.1.4 blinker-1.9.0 click-8.3.1 itsdangerous-2.2.0 jinja2-3.1.6 [notice] A new release of pip is available: 24.2 -> 26.1.1 [notice] To update, run: pip install --upgrade pip STEP 7/7: CMD [ "python", "./app.py" ] COMMIT quay.io/rhtap_qe/e2e-tests-python-hatdrdhq:on-pr-d1de4085e6d1ea5ebddc331ed8c83881f99b0458 Getting image source signatures Copying blob sha256:81235b7cbd3cd58012affec0c913a05908a08d0994f7ec853121bf1a9381b748 Copying blob sha256:a5113b616114d1d03116f87dbef50eefe5405dd1bba95b60e8fb3773d151ff5b Copying blob sha256:2ef75b2aedc68fbe3687e0feed5cdc95e4c2e4005276181f5edc2cc2a5132a59 Copying blob sha256:d2c9309aea5ae9f7d5d7576607e7388125ad6b407d1bff18b16f36323429c18a Copying blob sha256:26c0dff448e87196a4e0f6734b30325e992f9eba59149bfc0f548a1dd349b2ff Copying config sha256:88235daf71f8623274e79fd2bc91f7c9528e7fd73be34087157d3387e8890a55 Writing manifest to image destination --> 88235daf71f8 Successfully tagged quay.io/rhtap_qe/e2e-tests-python-hatdrdhq:on-pr-d1de4085e6d1ea5ebddc331ed8c83881f99b0458 88235daf71f8623274e79fd2bc91f7c9528e7fd73be34087157d3387e8890a55 Getting image source signatures Copying blob sha256:26c0dff448e87196a4e0f6734b30325e992f9eba59149bfc0f548a1dd349b2ff Copying blob sha256:81235b7cbd3cd58012affec0c913a05908a08d0994f7ec853121bf1a9381b748 Copying blob sha256:2ef75b2aedc68fbe3687e0feed5cdc95e4c2e4005276181f5edc2cc2a5132a59 Copying blob sha256:d2c9309aea5ae9f7d5d7576607e7388125ad6b407d1bff18b16f36323429c18a Copying blob sha256:a5113b616114d1d03116f87dbef50eefe5405dd1bba95b60e8fb3773d151ff5b Copying config sha256:88235daf71f8623274e79fd2bc91f7c9528e7fd73be34087157d3387e8890a55 Writing manifest to image destination sha256:2dec1386143c9a081fdaefcf00c5d6955e9115412da507aff8048acbcf51a890quay.io/rhtap_qe/e2e-tests-python-hatdrdhq:on-pr-d1de4085e6d1ea5ebddc331ed8c83881f99b0458Getting image source signatures Copying blob sha256:26c0dff448e87196a4e0f6734b30325e992f9eba59149bfc0f548a1dd349b2ff Copying blob sha256:81235b7cbd3cd58012affec0c913a05908a08d0994f7ec853121bf1a9381b748 Copying blob sha256:2ef75b2aedc68fbe3687e0feed5cdc95e4c2e4005276181f5edc2cc2a5132a59 Copying blob sha256:a5113b616114d1d03116f87dbef50eefe5405dd1bba95b60e8fb3773d151ff5b Copying blob sha256:d2c9309aea5ae9f7d5d7576607e7388125ad6b407d1bff18b16f36323429c18a Copying config sha256:88235daf71f8623274e79fd2bc91f7c9528e7fd73be34087157d3387e8890a55 Writing manifest to image destination ========Running buildah-tssc:generate-sboms { "bom-ref": "af63bd4c8601b7f1", "type": "file", "name": "e2e-tests-python-hatdrdhq", "version": "d1de4085e6d1ea5ebddc331ed8c83881f99b0458" } { "bom-ref": "4a7b7e5ef7f7c9e7", "type": "container", "name": "quay.io/rhtap_qe/e2e-tests-python-hatdrdhq:on-pr-d1de4085e6d1ea5ebddc331ed8c83881f99b0458", "version": "sha256:2dec1386143c9a081fdaefcf00c5d6955e9115412da507aff8048acbcf51a890" } ========RUNNING PYTHON ========Running buildah-tssc:upload-sbom There is a discussion in sigstore community triggered by https://github.com/sigstore/cosign/issues/3599. It is likely that cosign attach deprecation will be reverted. Please, ignore deprecation warning for now. WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate /workspace/source/source/results/temp/files/sbom-cyclonedx.json --key '. Uploading SBOM file for [quay.io/rhtap_qe/e2e-tests-python-hatdrdhq:on-pr-d1de4085e6d1ea5ebddc331ed8c83881f99b0458] to [quay.io/rhtap_qe/e2e-tests-python-hatdrdhq:sha256-2dec1386143c9a081fdaefcf00c5d6955e9115412da507aff8048acbcf51a890.sbom] with mediaType [application/vnd.cyclonedx+json]. ========