ROX-33178: GetImagesForDeployment should pass imageIdV2s to imageV2DataStore#19169
Open
charmik-redhat wants to merge 3 commits intomasterfrom
Open
Conversation
Contributor
|
Images are ready for the commit at 9c116c7. To use with deploy scripts, first |
Contributor
There was a problem hiding this comment.
Hey - I've left some high level feedback:
- The
runGetImagesForDeploymentTesthelper now branches onfeatures.FlattenImageData, which makes the test behavior depend on global feature configuration; consider structuring this as an explicit table-driven test that exercises both code paths deterministically instead of relying on the runtime feature flag state. - In
GetImagesForDeployment, the feature-flag-specific logic for collecting image IDs is now nested and somewhat repetitive; consider extracting the ID selection into a small helper or using a single loop that switches the field based on the flag to keep this function easier to read and maintain.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- The `runGetImagesForDeploymentTest` helper now branches on `features.FlattenImageData`, which makes the test behavior depend on global feature configuration; consider structuring this as an explicit table-driven test that exercises both code paths deterministically instead of relying on the runtime feature flag state.
- In `GetImagesForDeployment`, the feature-flag-specific logic for collecting image IDs is now nested and somewhat repetitive; consider extracting the ID selection into a small helper or using a single loop that switches the field based on the flag to keep this function easier to read and maintain.Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
|
@charmik-redhat: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
GetImagesForDeployment function passed image SHAs as IDs to imageV2DataStore. This would result in no images being found for the deployment. Instead, the function should pass ImageV2IDs to the datastore. This function is also used in DryRun of policies. Because of this, the dry run endpoint did not return any violations for image related criteria.
Additionally, updated
fixtures/deployment.goto set ImageName.FullName when generating test image, which resulted in having to update expected ImageName in other tests that used the fixture too. This is needed because the ImgeV2 ID generation requires non-empty image name and sha. In reality too, the imageName is only initialized in two places except for the test files:pkg/images/utils/utils.go:GenerateImageFromString(and similar functions) always set the FullName to a non-empty value. So it is never empty.sensor/kubernetes/eventpipeline/pipeline_impl.go:processInvalidateImageCacheis only used to invalidate images from sensor cache. Even for that, the fullName is always set to a non-empty value when central withFlattenImageDatacapability sends InvalidateImageCache message with.All that to say that FullName being empty does not seem like a bug for ImageV2 generation because it is always set to a non-empty value when an image object is initialized.
Note that
central/clusters/deployer.goalso generates ImageNames and herefullNamecan be empty but those ImageNames are used only to fill Helm chart values for secured-cluster installs and are never stored in the database or scanned/enriched by Central.User-facing documentation
Testing and quality
Automated testing
How I validated my change