sigstore
Control the policy controller monitoring resources from chart, enhanc…
…ment for the current implmentation to hadd all the resources by default, The new change add avail to pass resourcesNames through the chart with list of resources comma sperataed for which resources to be monitored by the policy controller, the default is all resources if the flag wasn't presented in the chart
This PR resolves https://github.com/sigstore/policy-controller/issues/1388
Signed-off-by: Senan Zedan (EXT-Nokia) [email protected]
Summary
The new change add avail to pass resourcesNames through the chart with list of resources comma sperataed for which resources to be monitored by the policy controller, the default is all resources if the flag wasn't presented in the chart
Could you add some tests, maybe here: https://github.com/sigstore/policy-controller/tree/main/test
@vaikas - per your request, test added.
That does not really test any of this new code. You'd have to add a test that launches policy controller with these new flags, here's one example where we change the policy-controller behaviour by the flags: https://github.com/sigstore/policy-controller/blob/b3af2f053ba9b652c96a99b08580e75ed2788cbc/.github/workflows/kind-cluster-image-policy-tsa.yaml#L125
So, create a new kustomize file that launches policy controller with say --resource-name=pods, and customize it like here: https://github.com/sigstore/policy-controller/blob/b3af2f053ba9b652c96a99b08580e75ed2788cbc/.github/workflows/kind-cluster-image-policy-tsa.yaml#L136
And then after the policy-controller has been started with the flags under test, you'd run your new test: https://github.com/sigstore/policy-controller/blob/b3af2f053ba9b652c96a99b08580e75ed2788cbc/.github/workflows/kind-cluster-image-policy-tsa.yaml#L177
It should at the bare minimum have a negative test and a positive test. So, if you're using resource-name pods, then launching a deployment with a failing config should succeed if you instead launch a pod.
Codecov Report
:x: Patch coverage is 0% with 26 lines in your changes missing coverage. Please review.
:white_check_mark: Project coverage is 42.66%. Comparing base (50ef092) to head (8723902).
:warning: Report is 373 commits behind head on main.
| Files with missing lines | Patch % | Lines |
|---|---|---|
| cmd/webhook/main.go | 0.00% | 26 Missing :warning: |
Additional details and impacted files
@@ Coverage Diff @@
## main #1687 +/- ##
===========================================
- Coverage 52.92% 42.66% -10.27%
===========================================
Files 44 121 +77
Lines 3979 9010 +5031
===========================================
+ Hits 2106 3844 +1738
- Misses 1651 4811 +3160
- Partials 222 355 +133
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
:rocket: New features to boost your workflow:
- :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Looks like some of the changes I requested, and you marked as fixed have not made it in to this PR 🤔 ?
Also, looks like bunch of sed commands are failing, for example:
https://github.com/sigstore/policy-controller/actions/runs/12234409121/job/34140387122?pr=1687#step:14:132
Hi Ville, Fixed them locally and working in the last comment to add tests. Updated PR will raise soon.
On Mon, 9 Dec 2024 at 18:48 Ville Aikas @.***> wrote:
Looks like some of the changes I requested, and you marked as fixed have not made it in to this PR 🤔 ?
Also, looks like bunch of sed commands are failing, for example:
https://github.com/sigstore/policy-controller/actions/runs/12234409121/job/34140387122?pr=1687#step:14:132
— Reply to this email directly, view it on GitHub https://github.com/sigstore/policy-controller/pull/1687#issuecomment-2528676880, or unsubscribe https://github.com/notifications/unsubscribe-auth/AIDIUC3MMEW4UY6HLKCMUCL2EXCUBAVCNFSM6AAAAABRCWYFPSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKMRYGY3TMOBYGA . You are receiving this because you authored the thread.Message ID: @.***>
@senanz Thank you for creating a great PR. I'm looking forward to this PR being merged and released soon. Do you have any plans to update this PR? If for any reason it is difficult to update the PR, I'm considering offering my assistance.
hi @0xiso , Will back to work on that early next week, will ping you on slack and for sure we can collaborate.
Hi @senanz, I apologize for asking multiple times, but are there any updates? Please let me know if there's anything I can do to help merge this PR; I'd be happy to.
