Skip to content
Release latest

Merge pull request #428 from rhmdnd/minor-spelling-fixes #130

Sign in to view logs

Merge pull request #428 from rhmdnd/minor-spelling-fixes

Merge pull request #428 from rhmdnd/minor-spelling-fixes #130

Triggered via push October 4, 2023 09:22
@openshift-ciopenshift-ci[bot]
pushed d05a553
master
Status Success
Total duration 8m 31s
Artifacts

release-latest.yml

on: push
bundle-container-push-latest  /  container
27s
bundle-container-push-latest / container
openscap-container-push-latest  /  container
38s
openscap-container-push-latest / container
operator-container-push-latest  /  container
7m 50s
operator-container-push-latest / container
bundle-container-push-latest  /  sign
13s
bundle-container-push-latest / sign
bundle-container-push-latest  /  sbom
16s
bundle-container-push-latest / sbom
openscap-container-push-latest  /  sign
9s
openscap-container-push-latest / sign
openscap-container-push-latest  /  sbom
23s
openscap-container-push-latest / sbom
operator-container-push-latest  /  sign
12s
operator-container-push-latest / sign
operator-container-push-latest  /  sbom
20s
operator-container-push-latest / sbom
catalog-container-push-latest
39s
catalog-container-push-latest
Fit to window
Zoom out
Zoom in

Annotations

2 warnings and 12 notices
catalog-container-push-latest
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
catalog-container-push-latest
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:d9b61b757a7e0a57a0c0d09d9f55ae049423a3de86911d1ba38522f8d0000356 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:d9b61b757a7e0a57a0c0d09d9f55ae049423a3de86911d1ba38522f8d0000356 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator-bundle@sha256:d9b61b757a7e0a57a0c0d09d9f55ae049423a3de86911d1ba38522f8d0000356 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
Verify SBOM attestation
COSIGN_EXPERIMENTAL=1 cosign verify-attestation ghcr.io/complianceascode/compliance-operator-bundle@sha256:d9b61b757a7e0a57a0c0d09d9f55ae049423a3de86911d1ba38522f8d0000356 | jq '.payload |= @base64d | .payload | fromjson | select(.predicateType == "https://spdx.dev/Document") | .predicate.Data | fromjson'
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:6ee6dbdfc08e8e126bc35e8d01acc9b2c2ee99ce0312f1c039285947253fe488 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:6ee6dbdfc08e8e126bc35e8d01acc9b2c2ee99ce0312f1c039285947253fe488 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/openscap-ocp@sha256:6ee6dbdfc08e8e126bc35e8d01acc9b2c2ee99ce0312f1c039285947253fe488 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
Verify SBOM attestation
COSIGN_EXPERIMENTAL=1 cosign verify-attestation ghcr.io/complianceascode/openscap-ocp@sha256:6ee6dbdfc08e8e126bc35e8d01acc9b2c2ee99ce0312f1c039285947253fe488 | jq '.payload |= @base64d | .payload | fromjson | select(.predicateType == "https://spdx.dev/Document") | .predicate.Data | fromjson'
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:5f72736e656f414a6847b34951e7ed96777a0d51edd3186cb6d01637caef62a6 | jq '.[0]'
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:5f72736e656f414a6847b34951e7ed96777a0d51edd3186cb6d01637caef62a6 | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/compliance-operator@sha256:5f72736e656f414a6847b34951e7ed96777a0d51edd3186cb6d01637caef62a6 | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
Verify SBOM attestation
COSIGN_EXPERIMENTAL=1 cosign verify-attestation ghcr.io/complianceascode/compliance-operator@sha256:5f72736e656f414a6847b34951e7ed96777a0d51edd3186cb6d01637caef62a6 | jq '.payload |= @base64d | .payload | fromjson | select(.predicateType == "https://spdx.dev/Document") | .predicate.Data | fromjson'