Merge pull request #12651 from ComplianceAsCode/dependabot/github_act… #2973
Mab879k8s-content.yaml
on: push
container-main
/
container
16m 6s
container-main
/
sign
7s
Annotations
3 warnings and 3 notices
|
container-main / container
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
The 'as' keyword should match the case of the 'from' keyword:
Dockerfiles/ocp4_content#L1
FromAsCasing: 'as' and 'FROM' keywords' casing do not match
More info: https://docs.docker.com/go/dockerfile/rule/from-as-casing/
|
|
container-main / sign
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Verify signature
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/k8scontent@sha256:8846345d6f7e982624e9864cc3ec6421c4ae58c253f9a2a9a7968f1d0eb7d01f | jq '.[0]'
|
|
Inspect signature bundle
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/k8scontent@sha256:8846345d6f7e982624e9864cc3ec6421c4ae58c253f9a2a9a7968f1d0eb7d01f | jq '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson'
|
|
Inspect certificate
COSIGN_EXPERIMENTAL=1 cosign verify ghcr.io/complianceascode/k8scontent@sha256:8846345d6f7e982624e9864cc3ec6421c4ae58c253f9a2a9a7968f1d0eb7d01f | jq -r '.[0].optional.Bundle.Payload.body |= @base64d | .[0].optional.Bundle.Payload.body | fromjson | .spec.signature.publicKey.content |= @base64d | .spec.signature.publicKey.content' | openssl x509 -text
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
ComplianceAsCode~content~LSAFXG.dockerbuild
|
179 KB |
|