SBOM cant access path `/run/src/core/sbom/proc/mounts`

userbradley commented 1 year ago

Contributing guidelines

[X] I've read the contributing guidelines and wholeheartedly agree

I've found a bug, and:

[X] The documentation does not mention anything about my problem
[X] There are no open or closed issues that are related to my problem

Description

When using the below config in my Docker build for the workflow, I get the below error

Error

#14 [linux/amd64] generating sbom using docker.io/docker/buildkit-syft-scanner:stable-1
#14 0.205 time="2023-09-26T10:37:08Z" level=info msg="starting syft scanner for buildkit v1.2.0"
#14 0.236 [0000]  WARN unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory
#14 DONE 0.5s

Expected behaviour

Docker builds the image, generates the SBOM and then pushes the image with the attached SBOM data in the manifest for the container

Actual behaviour

SBOM would be generated and no error would be found

Repository URL

No response

Workflow run URL

No response

YAML workflow

- name: Build
      uses: docker/build-push-action@v5
      with:
        push: true
        context: ./
        file: Dockerfile
        provenance: mode=max
        sbom: true
        tags: |
          europe-west2-docker.pkg.dev/redacted/${{ inputs.repository }}/${{ inputs.image}}:${{steps.tag.outputs.sha}}
          europe-west2-docker.pkg.dev/redacted/${{ inputs.repository }}/${{ inputs.image}}:${{steps.tag.outputs.ref}}
          europe-west2-docker.pkg.dev/redacted/${{ inputs.repository }}/${{ inputs.image}}:${{steps.tag.outputs.ref}}-${{steps.tag.outputs.sha}}
          europe-west2-docker.pkg.dev/redacted/${{ inputs.repository }}/${{ inputs.image}}:dev
          europe-west2-docker.pkg.dev/redacted/${{ inputs.repository }}/${{ inputs.image}}:latest

Workflow logs

/usr/bin/docker buildx build --file containers/kubectl//Dockerfile --iidfile /tmp/docker-actions-toolkit-AdZkCo/iidfile --provenance mode=max,builder-id=https://github.com/redacted/redacted/actions/runs/6311325738 --sbom true --tag europe-west2-docker.pkg.dev/redacted/redacted/kubectl:679d795 --tag europe-west2-docker.pkg.dev/redacted/redacted/kubectl:redacted-SBOM --tag europe-west2-docker.pkg.dev/redacted/redacted/kubectl:redacted-SBOM-679d795 --tag europe-west2-docker.pkg.dev/redacted/redacted/kubectl:dev --tag europe-west2-docker.pkg.dev/redacted/redacted/kubectl:latest --metadata-file /tmp/docker-actions-toolkit-AdZkCo/metadata-file --push containers/kubectl/
#0 building with "default" instance using docker driver

#1 [internal] load .dockerignore
#1 transferring context: 2B done
#1 DONE 0.0s

#2 [internal] load build definition from Dockerfile
#2 transferring dockerfile: 1.10kB done
#2 DONE 0.0s

#3 [auth] docker/buildkit-syft-scanner:pull token for registry-1.docker.io
#3 DONE 0.0s

#4 resolve image config for docker.io/docker/buildkit-syft-scanner:stable-1
#4 DONE 0.3s

#5 [internal] load metadata for europe-west2-docker.pkg.dev/redacted/containers/alpine:3.18.2
#5 ...

#6 [auth] redacted/containers/alpine:pull token for europe-west2-docker.pkg.dev
#6 DONE 0.0s

#5 [internal] load metadata for europe-west2-docker.pkg.dev/redacted/containers/alpine:3.18.2
#5 DONE 2.5s

#7 [1/6] FROM europe-west2-docker.pkg.dev/redacted/containers/alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1
#7 resolve europe-west2-docker.pkg.dev/redacted/containers/alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1 done
#7 sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1 1.64kB / 1.64kB done
#7 sha256:25fad2a32ad1f6f510e528448ae1ec69a28ef81916a004d3629874104f8a7f70 528B / 528B done
#7 sha256:c1aabb73d2339c5ebaa3681de2e9d9c18d57485045a4e311d9f8004bec208d67 1.47kB / 1.47kB done
#7 sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 0B / 3.40MB 0.1s
#7 ...

#8 docker-image://docker.io/docker/buildkit-syft-scanner:stable-1
#8 resolve docker.io/docker/buildkit-syft-scanner:stable-1 0.1s done
#8 sha256:ee374bcc416fd776e1e29831481c2bb5cd0616652104cd902baa0d111208d683 4.64kB / 4.64kB done
#8 sha256:13b7d9e2a3623dbe727045830d6d015168b26c7647c0419448309084fb03ebd4 482B / 482B done
#8 sha256:c3c9e7ab62e4e34629be521735d3e3af40a5545882030ac4c324d4821aa7629c 2.29kB / 2.29kB done
#8 sha256:5ad95de4207de923f82a2517ca654b09c9c8251fb7eb25242442a368d631c89d 21.07MB / 21.07MB 0.2s done
#8 extracting sha256:5ad95de4207de923f82a2517ca654b09c9c8251fb7eb25242442a368d631c89d 0.3s done
#8 DONE 0.6s

#7 [1/6] FROM europe-west2-docker.pkg.dev/redacted/containers/alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1
#7 extracting sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3
#7 sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 3.40MB / 3.40MB 1.1s done
#7 extracting sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 0.1s done
#7 DONE 1.2s

#9 [2/6] RUN apk add curl
#9 0.216 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
#9 0.327 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
#9 0.586 (1/7) Installing ca-certificates (20230506-r0)
#9 0.601 (2/7) Installing brotli-libs (1.0.9-r14)
#9 0.612 (3/7) Installing libunistring (1.1-r1)
#9 0.627 (4/7) Installing libidn2 (2.3.4-r1)
#9 0.631 (5/7) Installing nghttp2-libs (1.55.1-r0)
#9 0.634 (6/7) Installing libcurl (8.3.0-r0)
#9 0.642 (7/7) Installing curl (8.3.0-r0)
#9 0.646 Executing busybox-1.36.1-r0.trigger
#9 0.650 Executing ca-certificates-20230506-r0.trigger
#9 0.690 OK: 12 MiB in 22 packages
#9 DONE 0.9s

#10 [3/6] RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
#10 0.393   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
#10 0.393                                  Dload  Upload   Total   Spent    Left  Speed
#10 0.393
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100   138  100   138    0     0   2029      0 --:--:-- --:--:-- --:--:--  2059
#10 0.630
100 47.5M  100 47.5M    0     0   200M      0 --:--:-- --:--:-- --:--:--  200M
#10 DONE 0.7s

#11 [4/6] RUN rm -rf /var/cache/apk/*
#11 DONE 0.3s

#12 [5/6] RUN install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
#12 DONE 0.5s

#13 [6/6] RUN rm /kubectl
#13 DONE 0.3s

#14 [linux/amd64] generating sbom using docker.io/docker/buildkit-syft-scanner:stable-1
#14 0.205 time="2023-09-26T10:37:08Z" level=info msg="starting syft scanner for buildkit v1.2.0"
#14 0.236 [0000]  WARN unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory
#14 DONE 0.5s

#15 exporting to image
#15 exporting layers
#15 exporting layers 0.9s done
#15 writing image sha256:aa6c5b0566b9b29d4009c36cf67e937d1df5a5969b7f6a384f3f12dbc5f18b2d done
#15 naming to europe-west2-docker.pkg.dev/redacted/redacted/kubectl:679d795 done
#15 naming to europe-west2-docker.pkg.dev/redacted/redacted/kubectl:redacted-SBOM done
#15 naming to europe-west2-docker.pkg.dev/redacted/redacted/kubectl:redacted-SBOM-679d795 done
#15 naming to europe-west2-docker.pkg.dev/redacted/redacted/kubectl:dev done
#15 naming to europe-west2-docker.pkg.dev/redacted/redacted/kubectl:latest done
#15 DONE 0.9s

#16 pushing europe-west2-docker.pkg.dev/redacted/redacted/kubectl:679d795 with docker
#16 pushing layer 2cca9b1cf126
#16 pushing layer befc486b4ee2
#16 pushing layer f17c29510b58
#16 pushing layer a976f4c9d4fb
#16 pushing layer b7a145b77dd7
#16 pushing layer 78a822fe2a2d 0.0s
#16 pushing layer b7a145b77dd7 2.29MB / 6.05MB 0.4s
#16 pushing layer b7a145b77dd7 4.85MB / 6.05MB 0.5s
#16 pushing layer b7a145b77dd7 6.33MB / 6.05MB 0.6s
#16 pushing layer befc486b4ee2 2.62MB / 49.86MB 0.8s
#16 pushing layer a976f4c9d4fb 4.72MB / 49.86MB 0.9s
#16 pushing layer a976f4c9d4fb 7.34MB / 49.86MB 1.1s
#16 pushing layer befc486b4ee2 7.34MB / 49.86MB 1.1s
#16 pushing layer a976f4c9d4fb 9.96MB / 49.86MB 1.2s
#16 pushing layer befc486b4ee2 9.96MB / 49.86MB 1.2s
#16 pushing layer a976f4c9d4fb 12.58MB / 49.86MB 1.3s
#16 pushing layer befc486b4ee2 12.58MB / 49.86MB 1.4s
#16 pushing layer a976f4c9d4fb 15.20MB / 49.86MB 1.5s
#16 pushing layer befc486b4ee2 15.21MB / 49.86MB 1.5s
#16 pushing layer a976f4c9d4fb 19.40MB / 49.86MB 1.7s
#16 pushing layer befc486b4ee2 19.40MB / 49.86MB 1.7s
#16 pushing layer a976f4c9d4fb 22.02MB / 49.86MB 1.8s
#16 pushing layer befc486b4ee2 22.02MB / 49.86MB 1.9s
#16 pushing layer a976f4c9d4fb 25.69MB / 49.86MB 2.1s
#16 pushing layer befc486b4ee2 25.69MB / 49.86MB 2.2s
#16 pushing layer 2cca9b1cf126 2.1s done
#16 pushing layer a976f4c9d4fb 29.88MB / 49.86MB 2.4s
#16 pushing layer befc486b4ee2 30.41MB / 49.86MB 2.4s
#16 pushing layer a976f4c9d4fb 32.51MB / 49.86MB 2.5s
#16 pushing layer befc486b4ee2 33.03MB / 49.86MB 2.6s
#16 pushing layer befc486b4ee2 40.37MB / 49.86MB 2.8s
#16 pushing layer a976f4c9d4fb 39.85MB / 49.86MB 2.8s
#16 pushing layer befc486b4ee2 42.99MB / 49.86MB 2.9s
#16 pushing layer a976f4c9d4fb 42.47MB / 49.86MB 2.9s
#16 pushing layer befc486b4ee2 45.62MB / 49.86MB 3.1s
#16 pushing layer f17c29510b58 2.8s done
#16 pushing layer a976f4c9d4fb 48.24MB / 49.86MB 3.1s
#16 pushing layer befc486b4ee2 49.87MB / 49.86MB 3.3s
#16 pushing layer b7a145b77dd7 3.1s done
#16 pushing layer a976f4c9d4fb 4.6s done
#16 pushing layer befc486b4ee2 4.8s done
#16 pushing layer 78a822fe2a2d 6.6s done
#16 DONE 6.7s

#17 pushing europe-west2-docker.pkg.dev/redacted/redacted/kubectl:redacted-SBOM with docker
#17 pushing layer 2cca9b1cf126 0.6s
#17 pushing layer 2cca9b1cf126 1.3s done
#17 pushing layer befc486b4ee2 1.3s done
#17 pushing layer f17c29510b58 1.3s done
#17 pushing layer a976f4c9d4fb 1.3s done
#17 pushing layer b7a145b77dd7 1.3s done
#17 pushing layer 78a822fe2a2d 1.3s done
#17 DONE 1.3s

#18 pushing europe-west2-docker.pkg.dev/redacted/redacted/kubectl:redacted-SBOM-679d795 with docker
#18 pushing layer befc486b4ee2 1.8s done
#18 pushing layer 2cca9b1cf126 1.8s done
#18 pushing layer f17c29510b58 1.8s done
#18 pushing layer a976f4c9d4fb 1.8s done
#18 pushing layer b7a145b77dd7 1.8s done
#18 pushing layer 78a822fe2a2d 1.8s done
#18 DONE 1.8s

#19 pushing europe-west2-docker.pkg.dev/redacted/redacted/kubectl:dev with docker
#19 pushing layer 2cca9b1cf126 1.4s done
#19 pushing layer befc486b4ee2 1.4s done
#19 pushing layer f17c29510b58 1.4s done
#19 pushing layer a976f4c9d4fb 1.4s done
#19 pushing layer b7a145b77dd7 1.4s done
#19 pushing layer 78a822fe2a2d 1.4s done
#19 DONE 1.5s

#20 pushing europe-west2-docker.pkg.dev/redacted/redacted/kubectl:latest with docker
#20 pushing layer 2cca9b1cf126 1.4s done
#20 pushing layer befc486b4ee2 1.4s done
#20 pushing layer f17c29510b58 1.4s done
#20 pushing layer a976f4c9d4fb 1.4s done
#20 pushing layer b7a145b77dd7 1.4s done
#20 pushing layer 78a822fe2a2d 1.4s done

BuildKit logs

  /usr/bin/docker buildx version
  github.com/docker/buildx v0.11.2 9872040

Additional info

/usr/bin/docker version
  Client: Docker Engine - Community
   Version:           24.0.6
   API version:       1.43
   Go version:        go1.20.7
   Git commit:        ed223bc
   Built:             Mon Sep  4 12:31:44 2023
   OS/Arch:           linux/amd64
   Context:           default

  Server: Docker Engine - Community
   Engine:
    Version:          24.0.6
    API version:      1.43 (minimum version 1.12)
    Go version:       go1.20.7
    Git commit:       1a79695
    Built:            Mon Sep  4 12:31:44 2023
    OS/Arch:          linux/amd64
    Experimental:     false
   containerd:
    Version:          1.6.22
    GitCommit:        8165feabfdfe38c65b599c4993d227328c231fca
   runc:
    Version:          1.1.8
    GitCommit:        v1.1.8-0-g82f18fe
   docker-init:
    Version:          0.19.0
    GitCommit:        de40ad0
  /usr/bin/docker info
  Client: Docker Engine - Community
   Version:    24.0.6
   Context:    default
   Debug Mode: false
   Plugins:
    buildx: Docker Buildx (Docker Inc.)
      Version:  v0.11.2
      Path:     /usr/libexec/docker/cli-plugins/docker-buildx
    compose: Docker Compose (Docker Inc.)
      Version:  v2.21.0
      Path:     /usr/libexec/docker/cli-plugins/docker-compose

  Server:
   Containers: 0
    Running: 0
    Paused: 0
    Stopped: 0
   Images: 17
   Server Version: 24.0.6
   Storage Driver: overlay2
    Backing Filesystem: extfs
    Supports d_type: true
    Using metacopy: false
    Native Overlay Diff: false
    userxattr: false
   Logging Driver: json-file
   Cgroup Driver: cgroupfs
   Cgroup Version: 2
   Plugins:
    Volume: local
    Network: bridge host ipvlan macvlan null overlay
    Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
   Swarm: inactive
   Runtimes: io.containerd.runc.v2 runc
   Default Runtime: runc
   Init Binary: docker-init
   containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
   runc version: v1.1.8-0-g82f18fe
   init version: de40ad0
   Security Options:
    apparmor
    seccomp
     Profile: builtin
    cgroupns
   Kernel Version: 6.2.0-1011-azure
   Operating System: Ubuntu 22.04.3 LTS
   OSType: linux
   Architecture: x86_64
   CPUs: 2
   Total Memory: 6.76GiB
   Name: fv-az400-638
   ID: c80a2c29-1ffe-4d20-baa0-434399b837a0
   Docker Root Dir: /var/lib/docker
   Debug Mode: false
   Username: githubactions
   Experimental: false
   Insecure Registries:
    127.0.0.0/8
   Live Restore Enabled: false

crazy-max commented 1 year ago

I don't see any error but a warning message:

#14 0.236 [0000]  WARN unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory

Which can be expected in some cases iirc and SBOM seems generated. WDYT @jedevc?

You can use the following to check if the SBOM has been pushed:

$ docker buildx imagetools inspect <imageName> --format "{{json .SBOM}}"

userbradley commented 1 year ago

The SBOM has not been pushed. We are storing these images on Google Artifact Registry so from my understanding it's OCI compliant and should work

See below the output of podman inspect <>

[
  {
    "Id": "5754f5ac8aa431aceff4a251e8ab57626b98b7694566acb171c9b76834be8e50",
    "Digest": "sha256:5e58b7ef8acee15b40283665b9d14e053caf6fad9b1b6bf2de337c3ad0e2a479",
    "RepoTags": [
      "europe-west2-docker.pkg.dev/redacted/devops/kubectl:redacted-SBOM-679d795"
    ],
    "RepoDigests": [
      "europe-west2-docker.pkg.dev/redacted/devops/kubectl@sha256:5e58b7ef8acee15b40283665b9d14e053caf6fad9b1b6bf2de337c3ad0e2a479"
    ],
    "Parent": "",
    "Comment": "",
    "Created": "2023-09-26T11:23:54.798248952Z",
    "Config": {
      "Env": [
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      ],
      "Entrypoint": [
        "kubectl"
      ],
      "Labels": {
        "org.opencontainers.image.authors": "Bradley Stannard <bstannard@redacted>",
        "org.opencontainers.image.description": "A Docker image for Kubectl",
        "org.opencontainers.image.source": "https://console.cloud.google.com/artifacts/docker/redacted/europe-west2/containers/alpine/sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1",
        "org.opencontainers.image.title": "Kubectl",
        "org.opencontainers.image.url": "https://console.cloud.google.com/artifacts/docker/redacted/europe-west2/devops/kubectl",
        "org.opencontainers.image.vendor": "redacted"
      }
    },
    "Version": "",
    "Author": "",
    "Architecture": "amd64",
    "Os": "linux",
    "Size": 113702252,
    "VirtualSize": 113702252,
    "GraphDriver": {
      "Name": "overlay",
      "Data": {
        "LowerDir": "/var/home/core/.local/share/containers/storage/overlay/e7c38ecd945094d78ee7660a1f1e04065834c4fb7c93aacaa825756da9475651/diff:/var/home/core/.local/share/containers/storage/overlay/d67bde0e0c2971d0f5852513decf3a520dd159677278ec69d5528c7b3987e7f8/diff:/var/home/core/.local/share/containers/storage/overlay/90bf2a5dc20f16e4ff1d2324fa2ab807341c56b8bc6aab33ecfb9870eb884a75/diff:/var/home/core/.local/share/containers/storage/overlay/34cb033f741e4e71808d56ce446190e099d089e8ce49be2f831fa3e3c4ed3075/diff:/var/home/core/.local/share/containers/storage/overlay/78a822fe2a2d2c84f3de4a403188c45f623017d6a4521d23047c9fbb0801794c/diff",
        "UpperDir": "/var/home/core/.local/share/containers/storage/overlay/fce4463482c007efb972ca149f5183eda1147425c70d31b192660a7455ed7e07/diff",
        "WorkDir": "/var/home/core/.local/share/containers/storage/overlay/fce4463482c007efb972ca149f5183eda1147425c70d31b192660a7455ed7e07/work"
      }
    },
    "RootFS": {
      "Type": "layers",
      "Layers": [
        "sha256:78a822fe2a2d2c84f3de4a403188c45f623017d6a4521d23047c9fbb0801794c",
        "sha256:a78be1e5214c8c177ee0874df2b724bee317b40283757f1a9e594a6bd66269c6",
        "sha256:f0e8887c8457b8eb8d240540592a940a0cc7c101891dd0c335e0e72be117958a",
        "sha256:b8f12c0c55aa98a84f6a3149b10c0f0b455c96fdbd7d7f2c3df93ef540012349",
        "sha256:ff3592532c11dc1494243f79aa105dfd73f33380afd6c2f07dd6bb84075ceaa6",
        "sha256:26b787cf878daf4480d603986ca1c5d2c04a35a11c4bf4f7d163d218fc000d95"
      ]
    },
    "Labels": {
      "org.opencontainers.image.authors": "Bradley Stannard <bstannard@redacted>",
      "org.opencontainers.image.description": "A Docker image for Kubectl",
      "org.opencontainers.image.source": "https://console.cloud.google.com/artifacts/docker/redacted/europe-west2/containers/alpine/sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1",
      "org.opencontainers.image.title": "Kubectl",
      "org.opencontainers.image.url": "https://console.cloud.google.com/artifacts/docker/redacted/europe-west2/devops/kubectl",
      "org.opencontainers.image.vendor": "redacted"
    },
    "Annotations": {},
    "ManifestType": "application/vnd.docker.distribution.manifest.v2+json",
    "User": "",
    "History": [
      {
        "created": "2023-06-14T20:41:58.950178204Z",
        "created_by": "/bin/sh -c #(nop) ADD file:1da756d12551a0e3e793e02ef87432d69d4968937bd11bed0af215db19dd94cd in / "
      },
      {
        "created": "2023-06-14T20:41:59.079795125Z",
        "created_by": "/bin/sh -c #(nop)  CMD [\"/bin/sh\"]",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "LABEL org.opencontainers.image.title=Kubectl",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "LABEL org.opencontainers.image.description=A Docker image for Kubectl",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "LABEL org.opencontainers.image.authors=Bradley Stannard <bstannard@redacted>",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "LABEL org.opencontainers.image.vendor=redacted",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "LABEL org.opencontainers.image.url=https://console.cloud.google.com/artifacts/docker/redacted/europe-west2/devops/kubectl",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "LABEL org.opencontainers.image.source=https://console.cloud.google.com/artifacts/docker/redacted/europe-west2/containers/alpine/sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      },
      {
        "created": "2023-09-26T11:23:52.803052098Z",
        "created_by": "RUN /bin/sh -c apk add curl # buildkit",
        "comment": "buildkit.dockerfile.v0"
      },
      {
        "created": "2023-09-26T11:23:53.814576301Z",
        "created_by": "RUN /bin/sh -c curl -LO \"https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl\" # buildkit",
        "comment": "buildkit.dockerfile.v0"
      },
      {
        "created": "2023-09-26T11:23:54.032447911Z",
        "created_by": "RUN /bin/sh -c rm -rf /var/cache/apk/* # buildkit",
        "comment": "buildkit.dockerfile.v0"
      },
      {
        "created": "2023-09-26T11:23:54.439080576Z",
        "created_by": "RUN /bin/sh -c install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl # buildkit",
        "comment": "buildkit.dockerfile.v0"
      },
      {
        "created": "2023-09-26T11:23:54.798248952Z",
        "created_by": "RUN /bin/sh -c rm /kubectl # buildkit",
        "comment": "buildkit.dockerfile.v0"
      },
      {
        "created": "2023-09-26T11:23:54.798248952Z",
        "created_by": "ENTRYPOINT [\"kubectl\"]",
        "comment": "buildkit.dockerfile.v0",
        "empty_layer": true
      }
    ],
    "NamesHistory": [
      "europe-west2-docker.pkg.dev/redacted/devops/kubectl:redacted-SBOM-679d795"
    ]
  }
]

userbradley commented 1 year ago

I will have a colleague run it on their Docker and see what comes back just to be double sure

userbradley commented 1 year ago

Yeah I've had my colleague run it and they've got back

{}

jedevc commented 1 year ago

I don't see any error but a warning message:
#14 0.236 [0000]  WARN unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory
Which can be expected in some cases iirc and SBOM seems generated. WDYT @jedevc?

Hm that's odd. I don't think this warning is expected - not quite sure what it's from.

That said: #0 building with "default" instance using docker driver. I don't think attestations are supported with the docker driver? @userbradley can you switch to using the docker-container driver to see if the SBOM still remains empty? https://docs.docker.com/build/drivers/docker-container/

This should error: https://github.com/docker/buildx/pull/1988. @crazy-max can we release this into v0.11.3? It seems like quite a few people have been caught out by it.

crazy-max commented 1 year ago

Oh right I see why, you need to use the setup-buildx-action to create container builder before the build and push action.

Edit: Ah @jedevc beat me to it :tada:

userbradley commented 1 year ago

See below addition to the Action file

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

Buildx

Buildx version
  /usr/bin/docker buildx version
  github.com/docker/buildx v0.11.2 9872040
Creating a new builder instance
  /usr/bin/docker buildx create --name builder-8560837a-3432-4344-ae50-dcf7719c13fe --driver docker-container --buildkitd-flags --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host --use
  builder-8560837a-3432-4344-ae50-dcf7719c13fe

Running inspect again and there does not seem to be SBOM but the warn still is there

#14 [linux/amd64] generating sbom using docker.io/docker/buildkit-syft-scanner:stable-1
#14 0.114 time="2023-09-26T11:47:28Z" level=info msg="starting syft scanner for buildkit v1.2.0"
#14 0.153 [0000]  WARN unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory
#14 DONE 0.6s

Not sure if I have some whack config going on here. Do we know if there is a working example in the wild I can copy from? We just want to get SBOM and provenance working haha, so I really appreciate both your's help!

See below the workflow logs

Docker Build    Set up job  2023-09-26T11:47:01.6363975Z Current runner version: '2.309.0'
Docker Build    Set up job  2023-09-26T11:47:01.6395987Z ##[group]Operating System
Docker Build    Set up job  2023-09-26T11:47:01.6396798Z Ubuntu
Docker Build    Set up job  2023-09-26T11:47:01.6397197Z 22.04.3
Docker Build    Set up job  2023-09-26T11:47:01.6397549Z LTS
Docker Build    Set up job  2023-09-26T11:47:01.6397866Z ##[endgroup]
Docker Build    Set up job  2023-09-26T11:47:01.6398267Z ##[group]Runner Image
Docker Build    Set up job  2023-09-26T11:47:01.6398784Z Image: ubuntu-22.04
Docker Build    Set up job  2023-09-26T11:47:01.6399177Z Version: 20230917.1.0
Docker Build    Set up job  2023-09-26T11:47:01.6399830Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20230917.1/images/linux/Ubuntu2204-Readme.md
Docker Build    Set up job  2023-09-26T11:47:01.6400651Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20230917.1
Docker Build    Set up job  2023-09-26T11:47:01.6401162Z ##[endgroup]
Docker Build    Set up job  2023-09-26T11:47:01.6401692Z ##[group]Runner Image Provisioner
Docker Build    Set up job  2023-09-26T11:47:01.6402125Z 2.0.299.1
Docker Build    Set up job  2023-09-26T11:47:01.6402442Z ##[endgroup]
Docker Build    Set up job  2023-09-26T11:47:01.6403270Z ##[group]GITHUB_TOKEN Permissions
Docker Build    Set up job  2023-09-26T11:47:01.6405514Z Contents: read
Docker Build    Set up job  2023-09-26T11:47:01.6405954Z Metadata: read
Docker Build    Set up job  2023-09-26T11:47:01.6406301Z ##[endgroup]
Docker Build    Set up job  2023-09-26T11:47:01.6409918Z Secret source: Actions
Docker Build    Set up job  2023-09-26T11:47:01.6411086Z Prepare workflow directory
Docker Build    Set up job  2023-09-26T11:47:01.7326085Z Prepare all required actions
Docker Build    Set up job  2023-09-26T11:47:01.7566283Z Getting action download info
Docker Build    Set up job  2023-09-26T11:47:02.2480349Z Download action repository 'actions/checkout@v4' (SHA:8ade135a41bc03ea155e62e844d188df1ea18608)
Docker Build    Set up job  2023-09-26T11:47:02.9225941Z Download action repository 'redacted/action-docker@feature/REDACTED-3410-sbom-provenance' (SHA:8f373e6782315597888ddc5f0c6b6978f2aee4c7)
Docker Build    Set up job  2023-09-26T11:47:03.6416606Z Getting action download info
Docker Build    Set up job  2023-09-26T11:47:03.9793262Z Download action repository 'redacted/action-google-auth@v1.3.0' (SHA:a4d39e54756c4f1e10a6e2a8c6454016ef9126c4)
Docker Build    Set up job  2023-09-26T11:47:04.5044741Z Download action repository 'docker/setup-buildx-action@v3' (SHA:f95db51fddba0c2d1ec667646a06c2ce06100226)
Docker Build    Set up job  2023-09-26T11:47:05.0774041Z Download action repository 'docker/build-push-action@v5' (SHA:0565240e2d4ab88bba5387d719585280857ece09)
Docker Build    Set up job  2023-09-26T11:47:05.6799843Z Getting action download info
Docker Build    Set up job  2023-09-26T11:47:05.8835049Z Download action repository 'google-github-actions/auth@v1.1.1' (SHA:35b0e87d162680511bf346c299f71c9c5c379033)
Docker Build    Set up job  2023-09-26T11:47:06.3609276Z Download action repository 'docker/login-action@v3' (SHA:343f7c4344506bcbf9b4de18042ae17996df046d)
Docker Build    Set up job  2023-09-26T11:47:06.9503930Z Complete job name: Docker Build
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0775761Z ##[group]Run actions/checkout@v4
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0776201Z with:
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0776516Z   repository: redacted/redacted
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0777162Z   token: ***
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0777464Z   ssh-strict: true
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0777800Z   persist-credentials: true
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0778122Z   clean: true
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0778508Z   sparse-checkout-cone-mode: true
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0778857Z   fetch-depth: 1
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0779131Z   fetch-tags: false
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0779429Z   show-progress: true
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0779719Z   lfs: false
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0779991Z   submodules: false
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0780320Z   set-safe-directory: true
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.0780632Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4307918Z Syncing repository: redacted/redacted
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4311117Z ##[group]Getting Git version info
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4312088Z Working directory is '/home/runner/work/redacted/redacted'
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4362156Z [command]/usr/bin/git version
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4535263Z git version 2.42.0
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4573368Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4631844Z Temporarily overriding HOME='/home/runner/work/_temp/e19f2959-ef61-40d4-9812-f655a30b4e1f' before making global git config changes
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4632980Z Adding repository directory to the temporary git global config as a safe directory
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4639577Z [command]/usr/bin/git config --global --add safe.directory /home/runner/work/redacted/redacted
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4701598Z Deleting the contents of '/home/runner/work/redacted/redacted'
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4721620Z ##[group]Initializing the repository
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4722388Z [command]/usr/bin/git init /home/runner/work/redacted/redacted
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4812731Z hint: Using 'master' as the name for the initial branch. This default branch name
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4813726Z hint: is subject to change. To configure the initial branch name to use in all
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4815771Z hint: of your new repositories, which will suppress this warning, call:
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4816864Z hint: 
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4818073Z hint:  git config --global init.defaultBranch <name>
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4818751Z hint: 
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4819788Z hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4820611Z hint: 'development'. The just-created branch can be renamed via this command:
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4821266Z hint: 
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4823035Z hint:  git branch -m <name>
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4847709Z Initialized empty Git repository in /home/runner/work/redacted/redacted/.git/
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4870202Z [command]/usr/bin/git remote add origin https://github.com/redacted/redacted
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4920905Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4921541Z ##[group]Disabling automatic garbage collection
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4922237Z [command]/usr/bin/git config --local gc.auto 0
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4953625Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4954378Z ##[group]Setting up auth
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4960778Z [command]/usr/bin/git config --local --name-only --get-regexp core\.sshCommand
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.4996546Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'core\.sshCommand' && git config --local --unset-all 'core.sshCommand' || :"
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.5503426Z [command]/usr/bin/git config --local --name-only --get-regexp http\.https\:\/\/github\.com\/\.extraheader
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.5542363Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'http\.https\:\/\/github\.com\/\.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :"
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.5936940Z [command]/usr/bin/git config --local http.https://github.com/.extraheader AUTHORIZATION: basic ***
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.6001261Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.6006077Z ##[group]Fetching the repository
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:07.6024028Z [command]/usr/bin/git -c protocol.version=2 fetch --no-tags --prune --no-recurse-submodules --depth=1 origin +679d7956f99dfe278c38b0a1709841d7cd35bbf6:refs/remotes/origin/feature/REDACTED-3410-SBOM
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3663940Z From https://github.com/redacted/redacted
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3665369Z  * [new ref]         679d7956f99dfe278c38b0a1709841d7cd35bbf6 -> origin/feature/REDACTED-3410-SBOM
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3698126Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3699045Z ##[group]Determining the checkout info
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3700132Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3701019Z ##[group]Checking out the ref
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.3706898Z [command]/usr/bin/git checkout --progress --force -B feature/REDACTED-3410-SBOM refs/remotes/origin/feature/REDACTED-3410-SBOM
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.5219596Z Switched to a new branch 'feature/REDACTED-3410-SBOM'
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.5221969Z branch 'feature/REDACTED-3410-SBOM' set up to track 'origin/feature/REDACTED-3410-SBOM'.
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.5233547Z ##[endgroup]
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.5287838Z [command]/usr/bin/git log -1 --format='%H'
Docker Build    Run actions/checkout@v4 2023-09-26T11:47:08.5324327Z '679d7956f99dfe278c38b0a1709841d7cd35bbf6'
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5857844Z ##[group]Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5858403Z with:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5858889Z   repository: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5859278Z   image: kubectl
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5859691Z   directory: containers/kubectl/
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5860120Z   dockerfile: Dockerfile
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5860731Z   serviceAccount: ar-uploader@redacted.iam.gserviceaccount.com
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5861266Z   sensitive: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.5861647Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6220284Z ##[group]Run redacted/action-google-auth@v1.3.0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6220689Z with:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6221572Z   serviceAccount: ar-uploader@redacted.iam.gserviceaccount.com
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6222350Z   sensitive: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6222638Z   docker: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6224166Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6333537Z ##[group]Run google-github-actions/auth@v1.1.1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6333911Z with:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6334184Z   token_format: access_token
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6334778Z   workload_identity_provider: projects/redacted/locations/global/workloadIdentityPools/default/providers/default
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6335425Z   service_account: ar-uploader@redacted.iam.gserviceaccount.com
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6335889Z   create_credentials_file: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6336240Z   export_environment_variables: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6336587Z   cleanup_credentials: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6336916Z   access_token_lifetime: 3600s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6337363Z   access_token_scopes: https://www.googleapis.com/auth/cloud-platform
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6337775Z   retries: 3
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6338057Z   backoff: 250
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6338354Z   id_token_include_email: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:08.6338648Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.2474747Z Created credentials file at "/home/runner/work/redacted/redacted/redacted.json"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6854492Z ##[group]Run docker/login-action@v3
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6854846Z with:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6855205Z   registry: europe-west2-docker.pkg.dev
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6855590Z   username: oauth2accesstoken
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6860119Z   password: ***
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6860416Z   ecr: auto
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6860695Z   logout: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6860981Z env:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6861454Z   CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6862087Z   GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6862682Z   GOOGLE_GHA_CREDS_PATH: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6863190Z   CLOUDSDK_CORE_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6863577Z   CLOUDSDK_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6863962Z   GCLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6864321Z   GCP_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6864688Z   GOOGLE_CLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.6865023Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:09.8390969Z Logging into europe-west2-docker.pkg.dev...
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.6737590Z Login Succeeded!
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7100596Z ##[group]Run echo ref=$(echo ${GITHUB_REF_NAME} | cut -f2 -d'/') >> $GITHUB_OUTPUT
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7101287Z [36;1mecho ref=$(echo ${GITHUB_REF_NAME} | cut -f2 -d'/') >> $GITHUB_OUTPUT[0m
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7101795Z [36;1mecho "sha=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT[0m
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7183738Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7184181Z env:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7184659Z   CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7185840Z   GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7186445Z   GOOGLE_GHA_CREDS_PATH: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7186941Z   CLOUDSDK_CORE_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7187335Z   CLOUDSDK_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7188171Z   GCLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7188531Z   GCP_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7188903Z   GOOGLE_CLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7189258Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7459728Z ##[group]Run echo "image=europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795" >> $GITHUB_OUTPUT
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7460545Z [36;1mecho "image=europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795" >> $GITHUB_OUTPUT[0m
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7530187Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7530858Z env:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7531334Z   CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7531969Z   GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7532564Z   GOOGLE_GHA_CREDS_PATH: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7533065Z   CLOUDSDK_CORE_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7533458Z   CLOUDSDK_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7533830Z   GCLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7534186Z   GCP_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7534555Z   GOOGLE_CLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7534908Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7681453Z ##[group]Run docker/setup-buildx-action@v3
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7681826Z with:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7682123Z   driver: docker-container
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7682673Z   buildkitd-flags: --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7683207Z   install: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7683491Z   use: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7683768Z   cleanup: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7684052Z env:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7684506Z   CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7685150Z   GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7685745Z   GOOGLE_GHA_CREDS_PATH: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7686230Z   CLOUDSDK_CORE_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7686671Z   CLOUDSDK_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7687038Z   GCLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7687394Z   GCP_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7687761Z   GOOGLE_CLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:12.7688116Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0084642Z ##[group]Docker info
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0118870Z [command]/usr/bin/docker version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0419410Z Client: Docker Engine - Community
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0420238Z  Version:           24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0420843Z  API version:       1.43
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0421542Z  Go version:        go1.20.7
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0422127Z  Git commit:        ed223bc
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0422650Z  Built:             Mon Sep  4 12:31:44 2023
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0423218Z  OS/Arch:           linux/amd64
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0424128Z  Context:           default
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0424415Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0424770Z Server: Docker Engine - Community
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0425110Z  Engine:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0425398Z   Version:          24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0425775Z   API version:      1.43 (minimum version 1.12)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0426150Z   Go version:       go1.20.7
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0426479Z   Git commit:       1a79695
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0426827Z   Built:            Mon Sep  4 12:31:44 2023
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0427183Z   OS/Arch:          linux/amd64
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0427543Z   Experimental:     false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0427860Z  containerd:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0428176Z   Version:          1.6.22
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0428572Z   GitCommit:        8165feabfdfe38c65b599c4993d227328c231fca
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0428943Z  runc:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0434613Z   Version:          1.1.8
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0435923Z   GitCommit:        v1.1.8-0-g82f18fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0456106Z  docker-init:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0456954Z   Version:          0.19.0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0457339Z   GitCommit:        de40ad0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.0519570Z [command]/usr/bin/docker info
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3345369Z Client: Docker Engine - Community
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3350466Z  Version:    24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3351693Z  Context:    default
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3352239Z  Debug Mode: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3353017Z  Plugins:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3353566Z   buildx: Docker Buildx (Docker Inc.)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3354392Z     Version:  v0.11.2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3355550Z     Path:     /usr/libexec/docker/cli-plugins/docker-buildx
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3356483Z   compose: Docker Compose (Docker Inc.)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3357067Z     Version:  v2.21.0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3358055Z     Path:     /usr/libexec/docker/cli-plugins/docker-compose
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3358551Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3359089Z Server:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3360030Z  Containers: 0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3360803Z   Running: 0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3361312Z   Paused: 0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3362044Z   Stopped: 0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3362531Z  Images: 17
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3363280Z  Server Version: 24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3363820Z  Storage Driver: overlay2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3364615Z   Backing Filesystem: extfs
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3365182Z   Supports d_type: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3365965Z   Using metacopy: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3366508Z   Native Overlay Diff: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3367307Z   userxattr: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3367922Z  Logging Driver: json-file
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3368756Z  Cgroup Driver: cgroupfs
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3369291Z  Cgroup Version: 2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3370032Z  Plugins:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3370523Z   Volume: local
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3371347Z   Network: bridge host ipvlan macvlan null overlay
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3372249Z   Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3373222Z  Swarm: inactive
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3374344Z  Runtimes: io.containerd.runc.v2 runc
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3375237Z  Default Runtime: runc
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3375879Z  Init Binary: docker-init
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3376779Z  containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3377515Z  runc version: v1.1.8-0-g82f18fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3378323Z  init version: de40ad0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3378864Z  Security Options:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3379627Z   apparmor
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3380103Z   seccomp
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3380840Z    Profile: builtin
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3381343Z   cgroupns
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3382297Z  Kernel Version: 6.2.0-1011-azure
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3382913Z  Operating System: Ubuntu 22.04.3 LTS
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3383718Z  OSType: linux
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3384250Z  Architecture: x86_64
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3384998Z  CPUs: 2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3385517Z  Total Memory: 6.76GiB
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3386366Z  Name: fv-az792-852
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3387020Z  ID: c80a2c29-1ffe-4d20-baa0-434399b837a0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3387878Z  Docker Root Dir: /var/lib/docker
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3388428Z  Debug Mode: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3389208Z  Username: githubactions
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3390102Z  Experimental: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3390894Z  Insecure Registries:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3391711Z   127.0.0.0/8
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3392884Z  Live Restore Enabled: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3393124Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.3393725Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.4422424Z ##[group]Buildx version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.4448101Z [command]/usr/bin/docker buildx version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.5292497Z github.com/docker/buildx v0.11.2 9872040
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.5341115Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.5408008Z ##[group]Creating a new builder instance
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.6412815Z [command]/usr/bin/docker buildx create --name builder-8560837a-3432-4344-ae50-dcf7719c13fe --driver docker-container --buildkitd-flags --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host --use
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.7462931Z builder-8560837a-3432-4344-ae50-dcf7719c13fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.7511888Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.7512530Z ##[group]Booting builder
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.7579535Z [command]/usr/bin/docker buildx inspect --bootstrap --builder builder-8560837a-3432-4344-ae50-dcf7719c13fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:13.8545879Z #1 [internal] booting buildkit
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:14.0057866Z #1 pulling image moby/buildkit:buildx-stable-1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:14.7581758Z #1 pulling image moby/buildkit:buildx-stable-1 0.8s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:14.7582549Z #1 creating container buildx_buildkit_builder-8560837a-3432-4344-ae50-dcf7719c13fe0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.4874014Z #1 creating container buildx_buildkit_builder-8560837a-3432-4344-ae50-dcf7719c13fe0 0.8s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.4937384Z #1 DONE 1.6s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6424311Z Name:          builder-8560837a-3432-4344-ae50-dcf7719c13fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6425216Z Driver:        docker-container
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6425927Z Last Activity: 2023-09-26 11:47:13 +0000 UTC
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6426438Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6427032Z Nodes:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6427819Z Name:      builder-8560837a-3432-4344-ae50-dcf7719c13fe0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6428262Z Endpoint:  unix:///var/run/docker.sock
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6428610Z Status:    running
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6429244Z Flags:     --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6430250Z Buildkit:  v0.12.2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6430693Z Platforms: linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/amd64/v4, linux/386
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6431100Z Labels:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6431500Z  org.mobyproject.buildkit.worker.executor:         oci
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6432069Z  org.mobyproject.buildkit.worker.hostname:         07c377f7e4af
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6432612Z  org.mobyproject.buildkit.worker.network:          host
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6433271Z  org.mobyproject.buildkit.worker.oci.process-mode: sandbox
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6440465Z  org.mobyproject.buildkit.worker.selinux.enabled:  false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6441628Z  org.mobyproject.buildkit.worker.snapshotter:      overlayfs
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6442501Z GC Policy rule#0:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6643816Z  All:           false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6644690Z  Filters:       type==source.local,type==exec.cachemount,type==source.git.checkout
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6646400Z  Keep Duration: 48h0m0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6646850Z  Keep Bytes:    488.3MiB
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6647460Z GC Policy rule#1:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6648271Z  All:           false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6649357Z  Keep Duration: 1440h0m0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6649700Z  Keep Bytes:    8.382GiB
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6650049Z GC Policy rule#2:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6650347Z  All:        false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6650645Z  Keep Bytes: 8.382GiB
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6650955Z GC Policy rule#3:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6651855Z  All:        true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6652160Z  Keep Bytes: 8.382GiB
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.6652891Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8521791Z ##[group]Inspect builder
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8624027Z {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8624801Z   "nodes": [
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8625345Z     {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8628343Z       "name": "builder-8560837a-3432-4344-ae50-dcf7719c13fe0",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8628946Z       "endpoint": "unix:///var/run/docker.sock",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8629403Z       "status": "running",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8631629Z       "buildkitd-flags": "--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8632185Z       "buildkit": "v0.12.2",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8632629Z       "platforms": "linux/amd64,linux/amd64/v2,linux/amd64/v3,linux/amd64/v4,linux/386",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8633062Z       "labels": {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8633479Z         "org.mobyproject.buildkit.worker.executor": "oci",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8634046Z         "org.mobyproject.buildkit.worker.hostname": "07c377f7e4af",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8634597Z         "org.mobyproject.buildkit.worker.network": "host",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8635277Z         "org.mobyproject.buildkit.worker.oci.process-mode": "sandbox",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8636322Z         "org.mobyproject.buildkit.worker.selinux.enabled": "false",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8636927Z         "org.mobyproject.buildkit.worker.snapshotter": "overlayfs"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8637359Z       },
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8637637Z       "gcPolicy": [
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8637922Z         {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8638195Z           "all": false,
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8638552Z           "filter": [
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8638868Z             "type==source.local",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8639225Z             "type==exec.cachemount",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8639591Z             "type==source.git.checkout"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8640119Z           ],
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8640429Z           "keepDuration": "48h0m0s",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8640774Z           "keepBytes": "488.3MiB"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8641076Z         },
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8641336Z         {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8641609Z           "all": false,
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8641937Z           "keepDuration": "1440h0m0s",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8642287Z           "keepBytes": "8.382GiB"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8642580Z         },
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8642840Z         {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8643127Z           "all": false,
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8643438Z           "keepBytes": "8.382GiB"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8643734Z         },
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8643990Z         {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8644269Z           "all": true,
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8644581Z           "keepBytes": "8.382GiB"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8644879Z         }
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8645137Z       ]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8645389Z     }
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8645634Z   ],
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8646104Z   "name": "builder-8560837a-3432-4344-ae50-dcf7719c13fe",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8646575Z   "driver": "docker-container",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8647018Z   "lastActivity": "2023-09-26T11:47:13.000Z"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8647352Z }
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8649202Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8651102Z ##[group]BuildKit version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8651790Z builder-8560837a-3432-4344-ae50-dcf7719c13fe0: v0.12.2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8652512Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8857128Z ##[group]Run docker/build-push-action@v5
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8857500Z with:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8858109Z   push: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8858488Z   context: containers/kubectl/
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8858853Z   file: containers/kubectl//Dockerfile
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8859208Z   provenance: mode=max
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8859504Z   sbom: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8860690Z   tags: europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM-679d795
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:dev
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:latest
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8861892Z   load: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8862183Z   no-cache: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8862475Z   pull: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8862977Z   github-token: ***
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8863263Z env:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8863717Z   CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8864349Z   GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8864951Z   GOOGLE_GHA_CREDS_PATH: /home/runner/work/redacted/redacted/redacted.json
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8865459Z   CLOUDSDK_CORE_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8865851Z   CLOUDSDK_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8866224Z   GCLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8866591Z   GCP_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8866962Z   GOOGLE_CLOUD_PROJECT: redacted
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:15.8867299Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1228008Z ##[group]GitHub Actions runtime token ACs
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1340896Z refs/heads/feature/REDACTED-3410-SBOM: read/write
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1343344Z refs/heads/main: read
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1347758Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1350521Z ##[group]Docker info
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1425613Z [command]/usr/bin/docker version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1699947Z Client: Docker Engine - Community
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1700722Z  Version:           24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1701549Z  API version:       1.43
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1702071Z  Go version:        go1.20.7
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1702810Z  Git commit:        ed223bc
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1703339Z  Built:             Mon Sep  4 12:31:44 2023
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1704096Z  OS/Arch:           linux/amd64
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1704759Z  Context:           default
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1705792Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1706223Z Server: Docker Engine - Community
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1706952Z  Engine:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1707432Z   Version:          24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1708197Z   API version:      1.43 (minimum version 1.12)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1708742Z   Go version:       go1.20.7
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1709656Z   Git commit:       1a79695
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1710259Z   Built:            Mon Sep  4 12:31:44 2023
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1711021Z   OS/Arch:          linux/amd64
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1711533Z   Experimental:     false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1712240Z  containerd:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1712727Z   Version:          1.6.22
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1713526Z   GitCommit:        8165feabfdfe38c65b599c4993d227328c231fca
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1714061Z  runc:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1714736Z   Version:          1.1.8
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1715346Z   GitCommit:        v1.1.8-0-g82f18fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1716121Z  docker-init:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1716602Z   Version:          0.19.0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1717316Z   GitCommit:        de40ad0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.1759944Z [command]/usr/bin/docker info
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2513602Z Client: Docker Engine - Community
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2514777Z  Version:    24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2515405Z  Context:    default
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2516134Z  Debug Mode: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2516616Z  Plugins:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2517347Z   buildx: Docker Buildx (Docker Inc.)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2517900Z     Version:  v0.11.2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2518857Z     Path:     /usr/libexec/docker/cli-plugins/docker-buildx
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2519481Z   compose: Docker Compose (Docker Inc.)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2520230Z     Version:  v2.21.0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2520909Z     Path:     /usr/libexec/docker/cli-plugins/docker-compose
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2521585Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2521856Z Server:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2522627Z  Containers: 1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2523201Z   Running: 1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2524240Z   Paused: 0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2524811Z   Stopped: 0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2525614Z  Images: 17
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2526186Z  Server Version: 24.0.6
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2527089Z  Storage Driver: overlay2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2527718Z   Backing Filesystem: extfs
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2552447Z   Supports d_type: true
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2553312Z   Using metacopy: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2586661Z   Native Overlay Diff: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2587482Z   userxattr: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2588782Z  Logging Driver: json-file
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2590195Z  Cgroup Driver: cgroupfs
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2591347Z  Cgroup Version: 2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2591946Z  Plugins:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2592925Z   Volume: local
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2593704Z   Network: bridge host ipvlan macvlan null overlay
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2595155Z   Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2595925Z  Swarm: inactive
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2596924Z  Runtimes: io.containerd.runc.v2 runc
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2597674Z  Default Runtime: runc
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2598763Z  Init Binary: docker-init
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2599493Z  containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2600644Z  runc version: v1.1.8-0-g82f18fe
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2601364Z  init version: de40ad0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2602414Z  Security Options:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2602986Z   apparmor
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2603984Z   seccomp
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2604970Z    Profile: builtin
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2605923Z   cgroupns
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2606667Z  Kernel Version: 6.2.0-1011-azure
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2607798Z  Operating System: Ubuntu 22.04.3 LTS
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2608433Z  OSType: linux
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2609377Z  Architecture: x86_64
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2610036Z  CPUs: 2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2611063Z  Total Memory: 6.76GiB
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2611745Z  Name: fv-az792-852
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2612838Z  ID: c80a2c29-1ffe-4d20-baa0-434399b837a0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2613513Z  Docker Root Dir: /var/lib/docker
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2614615Z  Debug Mode: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2615219Z  Username: githubactions
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2616458Z  Experimental: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2617066Z  Insecure Registries:
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2618171Z   127.0.0.0/8
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2618839Z  Live Restore Enabled: false
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2619742Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2620702Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2621967Z ##[group]Proxy configuration
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2622603Z No proxy configuration found
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.2658765Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.3552411Z ##[group]Buildx version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.3554842Z [command]/usr/bin/docker buildx version
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.4312992Z github.com/docker/buildx v0.11.2 9872040
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.4342033Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.5358771Z [command]/usr/bin/docker buildx build --file containers/kubectl//Dockerfile --iidfile /tmp/docker-actions-toolkit-lAFPvy/iidfile --provenance mode=max,builder-id=https://github.com/redacted/redacted/actions/runs/6311325738 --sbom true --tag europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795 --tag europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM --tag europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM-679d795 --tag europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:dev --tag europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:latest --metadata-file /tmp/docker-actions-toolkit-lAFPvy/metadata-file --push containers/kubectl/
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9084089Z #0 building with "builder-8560837a-3432-4344-ae50-dcf7719c13fe" instance using docker-container driver
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9085087Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9085761Z #1 [internal] load build definition from Dockerfile
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9086555Z #1 transferring dockerfile: 1.10kB done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9087152Z #1 DONE 0.0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9087471Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:16.9088310Z #2 resolve image config for docker.io/docker/buildkit-syft-scanner:stable-1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.2092386Z #2 ...
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.2093371Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.2094599Z #3 [auth] docker/buildkit-syft-scanner:pull token for registry-1.docker.io
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.2096166Z #3 DONE 0.0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.3597713Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.3599113Z #2 resolve image config for docker.io/docker/buildkit-syft-scanner:stable-1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.9613664Z #2 DONE 1.1s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.9614505Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:17.9616122Z #4 [internal] load metadata for europe-west2-docker.pkg.dev/redacted-redacted/containers/alpine:3.18.2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:19.2689278Z #4 ...
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:19.2689620Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:19.2690335Z #5 [auth] redacted-redacted/containers/alpine:pull token for europe-west2-docker.pkg.dev
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:19.2690845Z #5 DONE 0.0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:19.4192724Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:19.4194475Z #4 [internal] load metadata for europe-west2-docker.pkg.dev/redacted-redacted/containers/alpine:3.18.2
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2800952Z #4 DONE 4.3s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2802611Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2803070Z #6 [internal] load .dockerignore
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2804684Z #6 transferring context: 2B done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2805477Z #6 DONE 0.0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2805895Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2807467Z #7 [1/6] FROM europe-west2-docker.pkg.dev/redacted-redacted/containers/alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.2809484Z #7 resolve europe-west2-docker.pkg.dev/redacted-redacted/containers/alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1 done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.4306452Z #7 sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 0B / 3.40MB 0.2s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9600363Z #7 ...
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9601260Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9602836Z #8 docker-image://docker.io/docker/buildkit-syft-scanner:stable-1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9604076Z #8 resolve docker.io/docker/buildkit-syft-scanner:stable-1 0.1s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9604909Z #8 sha256:5ad95de4207de923f82a2517ca654b09c9c8251fb7eb25242442a368d631c89d 21.07MB / 21.07MB 0.3s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9606346Z #8 extracting sha256:5ad95de4207de923f82a2517ca654b09c9c8251fb7eb25242442a368d631c89d 0.3s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9606988Z #8 DONE 0.7s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9607562Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:22.9609144Z #7 [1/6] FROM europe-west2-docker.pkg.dev/redacted-redacted/containers/alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:25.8205152Z #7 sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 3.40MB / 3.40MB 3.5s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:25.8205834Z #7 extracting sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:25.9712264Z #7 extracting sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 0.1s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:25.9712829Z #7 DONE 3.7s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:25.9713029Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:25.9713181Z #9 [2/6] RUN apk add curl
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.1218573Z #9 0.134 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.2726100Z #9 0.257 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.5241941Z #9 0.579 (1/7) Installing ca-certificates (20230506-r0)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.5242556Z #9 0.597 (2/7) Installing brotli-libs (1.0.9-r14)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.5243048Z #9 0.612 (3/7) Installing libunistring (1.1-r1)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.5243574Z #9 0.634 (4/7) Installing libidn2 (2.3.4-r1)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.5244072Z #9 0.647 (5/7) Installing nghttp2-libs (1.55.1-r0)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.6749333Z #9 0.651 (6/7) Installing libcurl (8.3.0-r0)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.6750306Z #9 0.662 (7/7) Installing curl (8.3.0-r0)
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.6750909Z #9 0.667 Executing busybox-1.36.1-r0.trigger
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.6751579Z #9 0.672 Executing ca-certificates-20230506-r0.trigger
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.6752118Z #9 0.721 OK: 12 MiB in 22 packages
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.7862496Z #9 DONE 0.9s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.9365387Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:26.9367231Z #10 [3/6] RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.2357969Z #10 0.306   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.2361620Z #10 0.308                                  Dload  Upload   Total   Spent    Left  Speed
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.2363126Z #10 0.311 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.2365158Z   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.3868327Z 100   138  100   138    0     0    986      0 --:--:-- --:--:-- --:--:--   992
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.3868806Z #10 0.517 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.6470711Z   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.6471378Z 100 47.5M  100 47.5M    0     0   102M      0 --:--:-- --:--:-- --:--:--  188M
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.6471747Z #10 DONE 0.9s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.7582654Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.7583470Z #11 [4/6] RUN rm -rf /var/cache/apk/*
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.7583861Z #11 DONE 0.1s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.9088710Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:27.9089726Z #12 [5/6] RUN install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.0595232Z #12 DONE 0.2s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.0595791Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.0596661Z #13 [6/6] RUN rm /kubectl
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.2102413Z #13 DONE 0.1s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.3591301Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.3592906Z #14 [linux/amd64] generating sbom using docker.io/docker/buildkit-syft-scanner:stable-1
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.4699363Z #14 0.114 time="2023-09-26T11:47:28Z" level=info msg="starting syft scanner for buildkit v1.2.0"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.6202869Z #14 0.153 [0;90m[0000][0m [0;33m WARN[0m unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:28.9092492Z #14 DONE 0.6s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:29.0596752Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:29.0597610Z #15 exporting to image
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:29.0598275Z #15 exporting layers
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:31.7654559Z #15 exporting layers 2.8s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:31.7655372Z #15 exporting manifest sha256:c45222ea32462b9dbf9e7aaa05b6f8d34e6a0eac2a8c68fc9b5cb951d1ffb101 done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:31.7656692Z #15 exporting config sha256:a3e5470b0122c07ef82769c7530b8a9e6ab1a375a45221d99383e5380b88ba41 done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.5174356Z #15 exporting attestation manifest sha256:a23ced725c0bf98e20aff912cbd814c8ace35759712e87cfa0dd5c2df4a94bf0 done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.5175705Z #15 exporting manifest list sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9 done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.5176498Z #15 pushing layers
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.9674853Z #15 ...
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.9675435Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.9676758Z #16 [auth] redacted-redacted/redacted/kubectl:pull,push token for europe-west2-docker.pkg.dev
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:32.9677652Z #16 DONE 0.0s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:33.1177299Z 
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:33.1178210Z #15 exporting to image
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:41.9906703Z #15 pushing layers 9.5s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:41.9909334Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:43.9458363Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9 1.9s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:45.1493424Z #15 pushing layers 1.2s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:45.1495588Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:45.7237383Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9 0.7s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:46.7765053Z #15 pushing layers 1.0s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:46.7766555Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM-679d795@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:48.5811395Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM-679d795@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9 1.7s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:49.4681609Z #15 pushing layers 1.0s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:49.4682905Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:dev@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:51.2729117Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:dev@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9 1.7s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:52.0196241Z #15 pushing layers 0.8s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:52.0198588Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:latest@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.3460722Z #15 pushing manifest for europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:latest@sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9 1.3s done
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.3461469Z #15 DONE 24.4s
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4003513Z ##[group]ImageID
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4004230Z sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4005260Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4005772Z ##[group]Digest
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4006753Z sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4007435Z ##[endgroup]
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4008105Z ##[group]Metadata
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4008382Z {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4008695Z   "containerimage.descriptor": {
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4009155Z     "mediaType": "application/vnd.oci.image.index.v1+json",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4009713Z     "digest": "sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4010156Z     "size": 856
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4010675Z   },
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4011150Z   "containerimage.digest": "sha256:f2484d6e99b95e0b76d2fea4a82714e7e05d07d659d25f2d29947bda279f2fa9",
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4013257Z   "image.name": "europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:679d795,europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM,europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:REDACTED-3410-SBOM-679d795,europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:dev,europe-west2-docker.pkg.dev/redacted-redacted/redacted/kubectl:latest"
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4014503Z }
Docker Build    Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance    2023-09-26T11:47:53.4051806Z ##[endgroup]
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:53.4333364Z Post job cleanup.
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:53.4396838Z Post job cleanup.
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:53.6457133Z ##[group]Removing temp folder /tmp/docker-actions-toolkit-lAFPvy
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:53.6489272Z ##[endgroup]
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:53.6736058Z Post job cleanup.
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:53.8776810Z ##[group]Removing builder
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.0710493Z [command]/usr/bin/docker buildx rm builder-8560837a-3432-4344-ae50-dcf7719c13fe
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.3644596Z builder-8560837a-3432-4344-ae50-dcf7719c13fe removed
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.3672768Z ##[endgroup]
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.3673401Z ##[group]Cleaning up certificates
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.3675694Z ##[endgroup]
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.3901471Z Post job cleanup.
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.3934430Z Post job cleanup.
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.5484806Z [command]/usr/bin/docker logout europe-west2-docker.pkg.dev
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.5686839Z Removing login credentials for europe-west2-docker.pkg.dev
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.5952337Z Post job cleanup.
Docker Build    Post Run redacted/action-docker@feature/REDACTED-3410-sbom-provenance   2023-09-26T11:47:54.6871040Z Removed exported credentials at "/home/runner/work/redacted/redacted/redacted.json".
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.7012823Z Post job cleanup.
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8151911Z [command]/usr/bin/git version
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8206322Z git version 2.42.0
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8281024Z Temporarily overriding HOME='/home/runner/work/_temp/3d701a90-d97a-4c1b-8037-bd52fdffc074' before making global git config changes
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8285468Z Adding repository directory to the temporary git global config as a safe directory
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8295631Z [command]/usr/bin/git config --global --add safe.directory /home/runner/work/redacted/redacted
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8353047Z [command]/usr/bin/git config --local --name-only --get-regexp core\.sshCommand
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8399328Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'core\.sshCommand' && git config --local --unset-all 'core.sshCommand' || :"
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8728929Z [command]/usr/bin/git config --local --name-only --get-regexp http\.https\:\/\/github\.com\/\.extraheader
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8746594Z http.https://github.com/.extraheader
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8765276Z [command]/usr/bin/git config --local --unset-all http.https://github.com/.extraheader
Docker Build    Post Run actions/checkout@v4    2023-09-26T11:47:54.8800706Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'http\.https\:\/\/github\.com\/\.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :"
Docker Build    Complete job    2023-09-26T11:47:54.9476685Z Cleaning up orphan processes

crazy-max commented 1 year ago

Running inspect again

What do you mean by inspect? Is it through:

$ docker buildx imagetools inspect <imageName> --format "{{json .SBOM}}"

?

Can you also try with:

$ docker buildx imagetools inspect <imageName> --format "{{json .}}"

Also check if you have the latest buildx version before using this command (docker buildx version).

crazy-max commented 1 year ago

@elsmorian Related to #979, can you show the output of:

$ docker buildx imagetools inspect <imageName> --format "{{json .}}"

lucacome commented 1 year ago

I've been getting slightly different messages, but I never thought much of it

#44 1.584 [0001]  WARN unable to access path="/run/src/core/sbom/usr/share/doc/libxml2/changelog.gz": lstat /run/src/core/sbom/usr/share/doc/libxml2/changelog.gz: no such file or directory
#44 1.598 [0001]  WARN unable to access path="/run/src/core/sbom/dev/stdout": lstat /run/src/core/sbom/dev/stdout: no such file or directory
#44 1.599 [0001]  WARN unable to access path="/run/src/core/sbom/dev/stderr": lstat /run/src/core/sbom/dev/stderr: no such file or directory

I guess it's not expected?

You can see the run here: https://github.com/nginxinc/kubernetes-ingress/actions/runs/6655996059/job/18090420852#step:14:741

elsmorian commented 1 year ago

@crazy-max I actually solved this, but the tooling around this could be a little more kind I think!

I had assumed that docker buildx imagetools inspect <imageName> --format "{{json .}}" would show everything in a json doc, as we are just doing . as the filter. It does not!

Even if you build an image with an SBOM, Provenance etc, those keys will not show up unless you explicitly ask for them in that format query eg. docker buildx imagetools inspect <imageName> --format "{{json .SBOM}}"

This took a fair few hours to find out!

crazy-max commented 1 year ago

Do we know if there is a working example in the wild I can copy from?

Yes we have one here: https://github.com/docker/build-push-action/blob/fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2/.github/workflows/ci.yml#L631-L688

I had assumed that docker buildx imagetools inspect <imageName> --format "{{json .}}" would show everything in a json doc, as we are just doing . as the filter. It does not!

Oh it should actually, that might be a regression. I will look into it.

deitch commented 1 year ago

Ah, I had been looking for something like this.

I have a similar issue. You can see a bit of run output here.

I know that when I run it locally, I get the index with 4 manifests: 1 each for linux/amd64 and linux/arm64, and 1 each for the attestations for those. In Actions, I get those warnings and the attestations are missing.

As for builder version, I am running this in a tool that ensures it runs via docker-container driver, with buildkit version v0.12.3.

Why would it fail (and with just warnings) in GHA?

crazy-max commented 1 year ago

Oh it should actually, that might be a regression. I will look into it.

@elsmorian We have updated our docs related to the inspect format (https://github.com/docker/buildx/pull/2122), see https://docs.docker.com/engine/reference/commandline/buildx_imagetools_inspect/.

To output the SBOM use:

docker buildx imagetools inspect <imageName> --format "{{json .SBOM}}"

Also added extra jobs in our workflow to check this behavior: https://github.com/docker/build-push-action/pull/1005. See for example https://github.com/docker/build-push-action/actions/runs/6942189435/job/18884628164#step:6:1

I have a similar issue. You can see a bit of run output here.

I don't see any usage of the build-push-action in this workflow.

Why would it fail (and with just warnings) in GHA?

I'm not quite sure about this warning. As @jedevc said it's not expected.

@deitch I just released an RC of the buildkit syft scanner image: https://github.com/docker/buildkit-syft-scanner/releases/tag/v1.3.0-rc.1

Can you try with: --attest type=sbom,generator=docker/buildkit-syft-scanner:1.3.0-rc.1

With build-push-action:

attests: type=sbom,generator=docker/buildkit-syft-scanner:1.3.0-rc.1

deitch commented 1 year ago

Actually, I think the error in my case might have been mine. Sorry for the confusion. 🤦‍♂️

elsmorian commented 1 year ago

@crazy-max Aha, thanks for clarifying that!

crazy-max commented 1 year ago

Ok I was only able to repro on public Ubuntu GitHub Runners with latest stable of buildkit-syft-scanner: https://github.com/docker/build-push-action/actions/runs/6955717600/job/18925090210#step:5:224

#21 [linux/amd64] generating sbom using docker.io/docker/buildkit-syft-scanner:stable-1
#21 0.108 time="2023-11-22T10:04:21Z" level=info msg="starting syft scanner for buildkit v1.2.0"
#21 0.123 [0000]  WARN unable to access path="/run/src/core/sbom/proc/mounts": lstat /run/src/core/sbom/proc/mounts: no such file or directory
#21 DONE 0.2s

I couldn't repro with docker/buildkit-syft-scanner:1.3.0-rc.1 but got some warnings related to RPMDBs scan capability:

#23 [linux/amd64] generating sbom using docker.io/docker/buildkit-syft-scanner:1.3.0-rc.1
#23 0.130 time="2023-11-22T13:40:04Z" level=info msg="starting syft scanner for buildkit v1.3.0-rc.1"
#23 0.130 [0000]  WARN sqlite driver is not available, newer RPM databases might not be cataloged
#23 0.154 [0000]  WARN sqlite driver is not available, newer RPM databases might not be cataloged
#23 DONE 0.3s

This is just a warning and should not have an impact to compute the SBOM. Will open an issue on upstream repo to see if this can be fixed before 1.3.0 GA of the scanner.

crazy-max commented 1 year ago

Opened https://github.com/docker/buildkit-syft-scanner/issues/80.

Closing this issue since the warning should not have any incidence on generating the SBOM per our repro: https://github.com/docker/build-push-action/actions/runs/6942189435/job/18884628164#step:6:1

docker / build-push-action