Skip to content

User-Defined Node Taints on Provisioned Nodes (#41) #81

User-Defined Node Taints on Provisioned Nodes (#41)

User-Defined Node Taints on Provisioned Nodes (#41) #81

Triggered via push April 22, 2026 10:18
Status Failure
Total duration 9m 31s
Artifacts 11

build.yaml

on: push
🔐 Verify Signed Commits
7s
🔐 Verify Signed Commits
⚖️ Verify SPDX License Headers
5s
⚖️ Verify SPDX License Headers
🧾 Validate VEX Statements
0s
🧾 Validate VEX Statements
🛡️ Security Vulnerability Scan
12s
🛡️ Security Vulnerability Scan
🔎 SAST (Semgrep)
35s
🔎 SAST (Semgrep)
🏗️ IaC Security Scan (Trivy config)
22s
🏗️ IaC Security Scan (Trivy config)
🧪 cargo-deny (License + Advisory + Sources)
21s
🧪 cargo-deny (License + Advisory + Sources)
🏷️ Extract Version Information
6s
🏷️ Extract Version Information
🎨 Check Formatting
0s
🎨 Check Formatting
Matrix: build
📦 Package Deployment Manifests
0s
📦 Package Deployment Manifests
📎 Clippy
0s
📎 Clippy
Matrix: ✍️ Sign Binary Artifacts
🔬 Generate SLSA Provenance Subjects
3s
🔬 Generate SLSA Provenance Subjects
Matrix: docker
🏛️ Generate SLSA Provenance  /  detect-env
7s
🏛️ Generate SLSA Provenance / detect-env
🧾 Assemble OpenVEX
21s
🧾 Assemble OpenVEX
Matrix: attest
🏛️ Generate SLSA Provenance  /  generator
24s
🏛️ Generate SLSA Provenance / generator
Matrix: grype
🏛️ Generate SLSA Provenance  /  upload-assets
🏛️ Generate SLSA Provenance / upload-assets
🏛️ Generate SLSA Provenance  /  final
2s
🏛️ Generate SLSA Provenance / final
🚀 Upload Release Assets
0s
🚀 Upload Release Assets
Fit to window
Zoom out
Zoom in

Annotations

1 error and 15 warnings
🛡️ Security Vulnerability Scan
Process completed with exit code 1.
🛡️ Security Vulnerability Scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@v4, actions/upload-artifact@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🏗️ IaC Security Scan (Trivy config)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🦀 Build - Linux ARM64
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🦀 Build - Linux x86_64
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🏛️ Generate SLSA Provenance / detect-env
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: slsa-framework/slsa-github-generator/.github/actions/detect-workflow-js@v2.1.0. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🏛️ Generate SLSA Provenance / generator
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: ./__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256, ./__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check, actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683, actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34, actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🏛️ Generate SLSA Provenance / generator
Restore cache failed: Dependencies file is not found in /home/runner/work/5-spot/5-spot. Supported file pattern: go.sum
🧪 Test
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🐳 Build and Push Docker Image - Chainguard
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093, docker/login-action@v3, docker/setup-buildx-action@v3. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Variables should be defined before their use: Dockerfile.chainguard#L40
UndefinedVar: Usage of undefined variable '$BASE_IMAGE' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
🐳 Build and Push Docker Image - Distroless
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093, docker/login-action@v3, docker/setup-buildx-action@v3. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
🔏 Attest Docker Image - Distroless
Please check that the "artifact-metadata:write" permission has been included
🔏 Attest Docker Image - Distroless
Failed to create storage record: Error: Failed to persist storage record: no artifacts found - https://docs.github.com/rest/orgs/artifact-metadata#create-artifact-metadata-storage-record
🔏 Attest Docker Image - Chainguard
Please check that the "artifact-metadata:write" permission has been included
🔏 Attest Docker Image - Chainguard
Failed to create storage record: Error: Failed to persist storage record: no artifacts found - https://docs.github.com/rest/orgs/artifact-metadata#create-artifact-metadata-storage-record

Artifacts

Produced during runtime
Name Size Digest
0.0.0-main.2026-04-22.81.intoto.jsonl Expired
9.97 KB
sha256:f4b6c4d64bc7a496e0af7062293e15328504a6f31cde9aea0743baea1a509754
5spot-linux-amd64 Expired
5.18 MB
sha256:438c71820dbe385588f64568272c3ded38b5b94e0a3bea37e6ce939a8e17ad31
5spot-linux-amd64-signed
5.01 MB
sha256:78a81672cb80f2ab8472be072a2e349dcff8f17057af1e38ef10c234783e9f97
5spot-linux-arm64 Expired
4.98 MB
sha256:6b7dff336f74e15a7c106dd93e22b06aa9a58e794b0bda65b7745b3280f046c0
5spot-linux-arm64-signed
4.72 MB
sha256:e9029446fc98a28e72fd282060655cb37f23a271a9d4377506599c0acce6e01a
cargo-audit-report
1.1 KB
sha256:545cdfda65353e5048a66600dac56634bd82a16b36b96afd9659b017b7e73605
finos~5-spot~9FJCW9.dockerbuild
134 KB
sha256:ca41217c052e310714077c5ba58fa11840d2ad04fba73b8459f9595c61af12d6
finos~5-spot~PU9VLF.dockerbuild
77.8 KB
sha256:482a998cd2907702a666b0c1dfb510b9db2d583217afb7fc5318a0104a4b5108
grype-push-Chainguard-81
3.69 KB
sha256:6a69989fdc94104270373c8bd45b0095515c3b479a3411ea78565f9eb0afd358
grype-push-Distroless-81
3.71 KB
sha256:90e0061dc15a3b5f34a6b1d8db0dcc7eac04385e1b132682a4ebab0d299d458e
openvex
1.46 KB
sha256:5a4eb7d2977d5d08595d2cd2fc49b2c4776c135260b8c5ff1e317a2414a2e303