Skip to content

Commit

Permalink
Return why an artifact was skipped from the artifact ingester
Browse files Browse the repository at this point in the history
This is helpful to debug artifact evaluation
  • Loading branch information
jhrozek committed Aug 31, 2023
1 parent b8aafad commit 5f0c464
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 7 deletions.
1 change: 1 addition & 0 deletions internal/engine/executor.go
Original file line number Diff line number Diff line change
Expand Up @@ -539,6 +539,7 @@ func (e *Executor) handleArtifactPublishedEvent(ctx context.Context, prov string
}

result := rte.Eval(ctx, versionedArtifact, rule.Def.AsMap(), rule.Params.AsMap())
log.Printf("artifact eval result: %s", result)
return e.createOrUpdateEvalStatus(ctx, &createOrUpdateEvalStatusParams{
policyID: *pol.Id,
repoID: dbrepo.ID,
Expand Down
19 changes: 12 additions & 7 deletions internal/engine/ingester/artifact/artifact.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,9 @@ func (_ *Ingest) Ingest(
return nil, fmt.Errorf("expected VersionedArtifact, got %T", ent)
}

if !isApplicableArtifact(versionedArtifact, cfg) {
return nil, evalerrors.ErrEvaluationSkipSilently
applicable, msg := isApplicableArtifact(versionedArtifact, cfg)
if !applicable {
return nil, evalerrors.NewErrEvaluationSkipSilently(msg)
}

result := struct {
Expand All @@ -89,22 +90,26 @@ func (_ *Ingest) Ingest(
func isApplicableArtifact(
versionedArtifact *pb.VersionedArtifact,
cfg *ingesterConfig,
) bool {
) (bool, string) {
if newArtifactIngestType(versionedArtifact.Artifact.Type) != cfg.Type {
// not interested in this type of artifact
return false
return false, "artifact type mismatch"
}

if cfg.Name != versionedArtifact.Artifact.Name {
// not interested in this artifact
return false
return false, "artifact name mismatch"
}

// no tags is treated as a wildcard and matches any container. This might be configurable in the future
if len(cfg.Tags) == 0 {
return true
return true, ""
}

haveTags := sets.New(versionedArtifact.Version.Tags...)
return haveTags.HasAny(cfg.Tags...)
tagsOk := haveTags.HasAny(cfg.Tags...)
if !tagsOk {
return false, "artifact tags mismatch"
}
return true, ""
}

0 comments on commit 5f0c464

Please sign in to comment.