[ISV-5446] static check for catalog bundle images #753
Conversation
ansible/roles/operator-pipeline/templates/openshift/tasks/run-static-tests.yml
Show resolved
Hide resolved
| catalogs = OperatorCatalogList( | ||
| [ | ||
| catalog | ||
| for catalog in operator.all_operator_catalogs() |
There was a problem hiding this comment.
I am not sure if I understand this loop. The affected_catalogs.split(",") returns a list of strings, right? The operator.all_operator_catalogs() returns a list of OperatorCatalog. And then you compare if OperatorCatalog in a list of strings. How it this going to work? Or am I missing anything here?
Also if you already have a list of affected catalogs, why don't you initiate it directly using OperatorCatalog(<path_to_operator_catalog>) constructor and instead use an operator and its edge to get to it? If we ever make these types completely independent (operator and operatorCatalog) it won't work.
There was a problem hiding this comment.
Operator catalog is comparable to string and it works both ways.
I don't understand what you mean by If we ever make these types completely independent? Is there such a plan? As of now, we always have an Operator (as it is affected by the catalog change iirc) and using the edge give me all its catalogs. I can see that there is the way to get specific catalog like OperatorCatalog(repo.root / "catalogs" / "v4.13/kiali") - for me having the path already provided by the Operator sounds more straightforward, but I am open to discussion.
There was a problem hiding this comment.
Changed the logic to use repo.catalog_path()
There was a problem hiding this comment.
@Allda I reverted this logic back to use the operator to operator_catalogs edge - the affected_catalogs contain also removed catalogs and this way we can filter them out. Initiate catalog directly OperatorCatalog(<path_to_operator_catalog>) raise exception for deleted operator catalogs.
operator-pipeline-images/operatorcert/entrypoints/static_tests.py
Outdated
Show resolved
Hide resolved
operator-pipeline-images/operatorcert/static_tests/common/catalog.py
Outdated
Show resolved
Hide resolved
operator-pipeline-images/operatorcert/static_tests/common/catalog.py
Outdated
Show resolved
Hide resolved
operator-pipeline-images/operatorcert/static_tests/common/catalog.py
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
The are couple of things that need to be fixed or updated. Please also add the new test into a documenation https://github.com/redhat-openshift-ecosystem/operator-pipelines/blob/main/docs/users/static_checks.md
openshift-merge-robot
added
the
needs-rebase
address comments
openshift-merge-robot
removed
the
needs-rebase
|
I did some updates and to verify the results run the pipeline for FBC and also integration tests - both with expected results. |
This PR adds logic to validate file based catalogs in static checks, with first fbc check
check_bundle_images_in_fbc.Example pipeline run can be found here. The validation is done thanks to config.yaml key allowed_bundle_registries. In the test run two catalogs were updated, but only one failure is detected, as one of the bundles use allowed registry.
If the key
allowed_bundle_registriesis missing in config.yaml, then the bundle image validation is internally skipped (without the config the new check is turned off).Closes ISV-5446