Skip to content

Commit

Permalink
Images fix
Browse files Browse the repository at this point in the history
  • Loading branch information
stuartwdouglas committed Feb 2, 2024
1 parent fd26525 commit 2722138
Show file tree
Hide file tree
Showing 9 changed files with 31 additions and 9 deletions.
2 changes: 2 additions & 0 deletions deploy/crds/base/jvmbuildservice.io_jvmimagescans.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ spec:
type: object
status:
properties:
digest:
type: string
message:
type: string
results:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ RegistryClient extractLayers(String image, Consumer<DescriptorDigest> layerConsu
ImageReference imageReference = ImageReference.parse(image);
RegistryClient registryClient = ContainerUtil.getRegistryClient(imageReference, null, false);
ManifestAndDigest<ManifestTemplate> result = registryClient.pullManifest(imageReference.getQualifier());
imageDigest = result.getDigest().toString();
if (result.getManifest() instanceof V21ManifestTemplate) {
V21ManifestTemplate template = (V21ManifestTemplate) result.getManifest();
for (var layer : template.getLayerDigests()) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,8 @@ public abstract class AnalyserBase implements Runnable {
@Inject
Instance<ResultsUpdater> resultsUpdater;

protected String imageDigest = "";

@Override
public void run() {
try {
Expand Down Expand Up @@ -120,7 +122,8 @@ private void handleAllDependencies(Set<TrackingData> trackingData) throws Except
}
}
}
resultsUpdater.get().updateResults(taskRunName, Map.of("JVM_DEPENDENCIES", result.toString()));
resultsUpdater.get().updateResults(taskRunName,
Map.of("JVM_DEPENDENCIES", result.toString(), "IMAGE_DIGEST", imageDigest));
}

abstract void doAnalysis(Set<String> gavs, Set<TrackingData> trackingData) throws Exception;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ public static ContainerImage getOrCreate(String image, Instant timestamp) {
String tag = "";
int tagIndex = imagePart.indexOf(":");
if (tagIndex > 0) {
tag = image.substring(tagIndex);
tag = imagePart.substring(tagIndex + 1);
imagePart = imagePart.substring(0, tagIndex);
}
ContainerImageRepository repo = ContainerImageRepository.getOrCreate(imagePart);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -92,9 +92,12 @@ public void onDelete(JvmImageScan obj, boolean deletedFinalStateUnknown) {
ContainerImage ensureImageExists(JvmImageScan resource) {
var image = resource.getSpec().getImage();
if (!image.contains("@")) {
Log.errorf("image %s has no digest, not saving scan result", image);
client.resource(resource).delete();
return null;
if (resource.getStatus() != null && resource.getStatus().getDigest() != null
&& !resource.getStatus().getDigest().isEmpty()) {
image = image + "@" + resource.getStatus().getDigest();
} else {
return null;
}
}
ContainerImage containerImage = ContainerImage.getOrCreate(image,
Instant.parse(resource.getMetadata().getCreationTimestamp()));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ const ImageList: React.FunctionComponent = () => {
setState('error');
setError(err);
});
}, [count, page, perPage]);
}, [page, perPage]);

if (state === 'error')
return (
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ spec:
type: object
status:
properties:
digest:
type: string
message:
type: string
results:
Expand Down
1 change: 1 addition & 0 deletions pkg/apis/jvmbuildservice/v1alpha1/jvmimagescan_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ type JvmImageScanSpec struct {

type JvmImageScanStatus struct {
State JvmImageDependenciesState `json:"state,omitempty"`
Digest string `json:"digest,omitempty"`
Message string `json:"message,omitempty"`
Results []JavaDependency `json:"results,omitempty"`
}
Expand Down
16 changes: 13 additions & 3 deletions pkg/reconciler/jvmimagescan/jvmimagescan.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ const (
ImageScanFinalizer = "jvmbuildservice.io/image-analysis-finalizer"
ImageScanPipelineRunLabel = "jvmbuildservice.io/image-analysis-pipelinerun"
JvmDependenciesResult = "JVM_DEPENDENCIES"
ImageDigestResult = "IMAGE_DIGEST"
)

type ReconcileImageScan struct {
Expand Down Expand Up @@ -143,13 +144,19 @@ func (r *ReconcileImageScan) handlePipelineRunReceived(ctx context.Context, log
if err != nil {
return reconcile.Result{}, err
}
deps := ""
if pr.Status.Results != nil {
for _, prRes := range pr.Status.Results {
if prRes.Name == JvmDependenciesResult {
return reconcile.Result{}, r.handleJavaDependencies(ctx, strings.Split(prRes.Value.StringVal, ","), &ia)
deps = prRes.Value.StringVal
} else if prRes.Name == ImageDigestResult {
ia.Status.Digest = prRes.Value.StringVal
}
}
}
if deps != "" {
return reconcile.Result{}, r.handleJavaDependencies(ctx, strings.Split(deps, ","), &ia)
}
ia.Status.State = v1alpha1.JvmImageScanStateFailed
return reconcile.Result{}, r.client.Status().Update(ctx, &ia)
}
Expand Down Expand Up @@ -255,14 +262,17 @@ func (r *ReconcileImageScan) createLookupPipeline(ctx context.Context, log logr.
//TODO: this pulls twice

return &tektonpipeline.PipelineSpec{
Results: []tektonpipeline.PipelineResult{{Name: JvmDependenciesResult, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks.task.results." + JvmDependenciesResult + ")"}}},
Results: []tektonpipeline.PipelineResult{
{Name: JvmDependenciesResult, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks.task.results." + JvmDependenciesResult + ")"}},
{Name: ImageDigestResult, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks.task.results." + ImageDigestResult + ")"}},
},
Tasks: []tektonpipeline.PipelineTask{
{
Name: "task",
TaskSpec: &tektonpipeline.EmbeddedTask{
TaskSpec: tektonpipeline.TaskSpec{
Volumes: []corev1.Volume{{Name: "data", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{}}}},
Results: []tektonpipeline.TaskResult{{Name: JvmDependenciesResult}},
Results: []tektonpipeline.TaskResult{{Name: JvmDependenciesResult}, {Name: ImageDigestResult}},
Steps: []tektonpipeline.Step{
{
Name: "run-syft",
Expand Down

0 comments on commit 2722138

Please sign in to comment.