Skip to content
.github/workflows/must-gather-latest.yml

CMP-2615: Add a check aggregate to the compliance scan metadata #34

Sign in to view logs

CMP-2615: Add a check aggregate to the compliance scan metadata

CMP-2615: Add a check aggregate to the compliance scan metadata #34

Triggered via push August 15, 2024 07:50
@Vincent056Vincent056
pushed cc9a0d8
total_checks
Status Success
Total duration 1m 3s
Artifacts 1

must-gather-latest.yml

on: push
must-gather-latest  /  container
41s
must-gather-latest / container
must-gather-latest  /  sign
6s
must-gather-latest / sign
Fit to window
Zoom out
Zoom in

Annotations

1 warning and 3 notices
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals: images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:394c9348d87500ce7749ac78f2430c7aa2db90f4b510ecc1cdc071926a1cfb04 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:394c9348d87500ce7749ac78f2430c7aa2db90f4b510ecc1cdc071926a1cfb04 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:394c9348d87500ce7749ac78f2430c7aa2db90f4b510ecc1cdc071926a1cfb04 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text

Artifacts

Produced during runtime
Name Size
ComplianceAsCode~compliance-operator~T7GJU5.dockerbuild
15 KB