Merge pull request #608 from ComplianceAsCode/fix-verify-bundle #282
rhmdndrelease-latest.yml
on: push
bundle-container-push-latest
/
container
26s
must-gather-latest
/
container
50s
openscap-container-push-latest
/
container
1m 32s
operator-container-push-latest
/
container
1h 40m
must-gather-latest
/
sign
6s
openscap-container-push-latest
/
sign
5s
catalog-container-push-pr
/
sign
10s
Annotations
1 warning and 15 notices
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:b6dee68a8795b72945d1be83c955f5f6fbd1774c09727a965ba2a1f69a21741d | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:b6dee68a8795b72945d1be83c955f5f6fbd1774c09727a965ba2a1f69a21741d | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:b6dee68a8795b72945d1be83c955f5f6fbd1774c09727a965ba2a1f69a21741d | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:48a2d43f36c73bd32fa8155de75f7def1828b7031c2c489d740aae27b0fc1c7b | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:48a2d43f36c73bd32fa8155de75f7def1828b7031c2c489d740aae27b0fc1c7b | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/must-gather-ocp@sha256:48a2d43f36c73bd32fa8155de75f7def1828b7031c2c489d740aae27b0fc1c7b | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:c54f9b17f750412c99f7f228e047f4a7bee906fb65aca77f79f0064c3fe82937 | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:c54f9b17f750412c99f7f228e047f4a7bee906fb65aca77f79f0064c3fe82937 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:c54f9b17f750412c99f7f228e047f4a7bee906fb65aca77f79f0064c3fe82937 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:ae3c259bf1f087e859325a650eeb1e21da0a0ab2d94bf509b0e0f2a0a973a3c4 | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:ae3c259bf1f087e859325a650eeb1e21da0a0ab2d94bf509b0e0f2a0a973a3c4 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:ae3c259bf1f087e859325a650eeb1e21da0a0ab2d94bf509b0e0f2a0a973a3c4 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:fc6c2d635b3f7a0226ded41cf2d5c4d6436bc4566d9460d425e25ec38ceea13e | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:fc6c2d635b3f7a0226ded41cf2d5c4d6436bc4566d9460d425e25ec38ceea13e | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-catalog@sha256:fc6c2d635b3f7a0226ded41cf2d5c4d6436bc4566d9460d425e25ec38ceea13e | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
images/must-gather/Dockerfile.ocp#L6
JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
ComplianceAsCode~compliance-operator~7P9JPX.dockerbuild
|
24.1 KB |
|
|
ComplianceAsCode~compliance-operator~EYN04W.dockerbuild
|
8.74 KB |
|
|
ComplianceAsCode~compliance-operator~HWCGT8.dockerbuild
|
11.8 KB |
|
|
ComplianceAsCode~compliance-operator~LP1070.dockerbuild
|
40 KB |
|
|
ComplianceAsCode~compliance-operator~Z2SNE7.dockerbuild
|
37.2 KB |
|