Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ROX-26604: Add layer lineage to RHEL v2 data model #1720

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

ROX-26604: Add layer lineage to RHEL v2 data model #1720

wants to merge 4 commits into from
+232 −47

Conversation

dcaravel
Copy link
Contributor

@dcaravel dcaravel commented Nov 27, 2024
edited
Loading

Description

Fixes an edge case that could cause discrepancies in scan versions, packages, etc. when images have a common layer but with different parent layers.

CI issues will be fixed by #1737

Testing

Unit and e2e tests added. Test image details at stackrox/stackrox#13558

Also manually tested. The test images below have the same top/bottom layers but different middle layers, also they have tags that represent the version of the openjdk packages within the image for comparison.

Before fix:
Wrong version returned for 2nd scan:

$ rctl image scan -f --image=quay.io/dcaravel/temp:jdk-17.0.11.0.9-2.el8.x86_64 2>/dev/null | jq -r '.scan.components[] | select (.name == "java-17-openjdk-headless") | .name,.version'

java-17-openjdk-headless
1:17.0.11.0.9-2.el8.x86_64
$ rctl image scan -f --image=quay.io/dcaravel/temp:jdk-17.0.12.0.7-2.el8.x86_64 2>/dev/null | jq -r '.scan.components[] | select (.name == "java-17-openjdk-headless") | .name,.version'

java-17-openjdk-headless
1:17.0.11.0.9-2.el8.x86_64

After fix:
Correct versions returned for both scans

$ rctl image scan -f --image=quay.io/dcaravel/temp:jdk-17.0.11.0.9-2.el8.x86_64 2>/dev/null | jq -r '.scan.components[] | select (.name == "java-17-openjdk-headless") | .name,.version'

java-17-openjdk-headless
1:17.0.11.0.9-2.el8.x86_64
$ rctl image scan -f --image=quay.io/dcaravel/temp:jdk-17.0.12.0.7-2.el8.x86_64 2>/dev/null | jq -r '.scan.components[] | select (.name == "java-17-openjdk-headless") | .name,.version'

java-17-openjdk-headless
1:17.0.12.0.7-2.el8.x86_64

@dcaravel dcaravel changed the title [WIP DO NOT MERGE] ROX-26604: Add layer lineage to RHEL v2 data model ROX-26604: Add layer lineage to RHEL v2 data model Dec 5, 2024
@dcaravel dcaravel mentioned this pull request Dec 10, 2024
Merged
4 tasks
@dcaravel dcaravel marked this pull request as ready for review December 10, 2024 00:19
@stackrox stackrox deleted a comment from openshift-ci bot Dec 10, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 11, 2024

@dcaravel: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-tests 7ecfa77 link false /test e2e-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@dcaravel dcaravel requested review from a team, jvdm, BradLugo, daynewlee and RTann December 11, 2024 03:20
@dcaravel
Copy link
Contributor Author

Current CI failures will be fixed by #1737 - once merged will rebase this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jvdm jvdm Awaiting requested review from jvdm

@BradLugo BradLugo Awaiting requested review from BradLugo

@daynewlee daynewlee Awaiting requested review from daynewlee

@RTann RTann Awaiting requested review from RTann

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dcaravel