Skip to content

ROX-33325: Classify policy criteria fields as image enrichhment reqd#19412

Merged
clickboo merged 1 commit intomasterfrom
boo-image-enrichment-policy-fields
Mar 16, 2026
Merged

ROX-33325: Classify policy criteria fields as image enrichhment reqd#19412
clickboo merged 1 commit intomasterfrom
boo-image-enrichment-policy-fields

Conversation

@clickboo
Copy link
Contributor

@clickboo clickboo commented Mar 13, 2026
edited
Loading

Description

This PR adds support for classifying policy criteria based on whether they require image enrichment data or not to be evaluated. This is a foundational PR, for a follow on PR which will add policy eval webhook changes to use image enrichment required policies optimally.

Also needed renaming a function called ContainsEnrichmentRequiredFields to AlertsOnMissingEnrichment for both correctness and readability.

User-facing documentation

Testing and quality

  • the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

  • added unit tests
  • added e2e tests
  • added regression tests
  • added compatibility tests
  • modified existing tests

How I validated my change

CI, manual regression tests for admission controller on infra cluster.

@clickboo
Copy link
Contributor Author

clickboo commented Mar 13, 2026

This change is part of the following stack:

Change managed by git-spice.

@openshift-ci
Copy link

openshift-ci bot commented Mar 13, 2026

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

sourcery-ai[bot]
sourcery-ai bot reviewed Mar 13, 2026
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've reviewed your changes and they look great!

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@rhacs-bot
Copy link
Contributor

rhacs-bot commented Mar 13, 2026
edited
Loading

Images are ready for the commit at 2849cde.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.11.x-321-g2849cde59f.

@clickboo clickboo force-pushed the boo-image-enrichment-policy-fields branch 3 times, most recently from efa0123 to 1b8beb5 Compare March 13, 2026 11:56
@clickboo clickboo changed the title ROX-33325: Classify policy criteria fields as image enrichhment required ROX-33325: Classify policy criteria fields as image enrichhment reqd Mar 13, 2026
@clickboo
Copy link
Contributor Author

clickboo commented Mar 13, 2026

/test all

@codecov
Copy link

codecov bot commented Mar 13, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 54.16667% with 11 lines in your changes missing coverage. Please review.
✅ Project coverage is 49.70%. Comparing base (ac93c38) to head (2849cde).
⚠️ Report is 2 commits behind head on master.

Files with missing lines Patch % Lines
pkg/booleanpolicy/field_metadata.go 28.57% 5 Missing ⚠️
pkg/detection/compiled_policy.go 50.00% 2 Missing ⚠️
...r/admission-control/manager/evaluate_deploytime.go 0.00% 2 Missing ⚠️
sensor/admission-control/manager/manager_impl.go 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #19412      +/-   ##
==========================================
- Coverage   49.71%   49.70%   -0.02%     
==========================================
  Files        2701     2702       +1     
  Lines      203453   203518      +65     
==========================================
+ Hits       101143   101153      +10     
- Misses      94784    94837      +53     
- Partials     7526     7528       +2
Flag Coverage Δ
go-unit-tests 49.70% <54.16%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@clickboo
Copy link
Contributor Author

clickboo commented Mar 13, 2026

/test ocp-4-21-nongroovy-e2e-tests

@clickboo clickboo marked this pull request as ready for review March 13, 2026 14:47
@clickboo clickboo requested review from a team as code owners March 13, 2026 14:47
@clickboo clickboo requested a review from Stringy March 13, 2026 14:49
sourcery-ai[bot]
sourcery-ai bot reviewed Mar 13, 2026
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've reviewed your changes and they look great!

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@clickboo clickboo mentioned this pull request Mar 13, 2026
Open
9 tasks
dashrews78
dashrews78 approved these changes Mar 13, 2026
View reviewed changes
Copy link
Contributor

@dashrews78 dashrews78 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Will be easier to tell when the PRs that use it start trickling it.

This was referenced Mar 15, 2026
Open
Draft
@clickboo clickboo force-pushed the boo-image-enrichment-policy-fields branch from 1b8beb5 to 2849cde Compare March 16, 2026 05:22
@clickboo clickboo merged commit 9f22a59 into master Mar 16, 2026
100 checks passed
@clickboo clickboo deleted the boo-image-enrichment-policy-fields branch March 16, 2026 08:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@Stringy Stringy Stringy approved these changes

@dashrews78 dashrews78 dashrews78 approved these changes

Assignees

No one assigned

Labels

ai-review area/admission-controller area/sensor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@clickboo @rhacs-bot @Stringy @dashrews78