No GC Handler #27
No GC Handler #27
Conversation
alecmerdler
force-pushed
the
noop-handler
branch
2 times, most recently
from
fdb47d0 to
61fb857
Compare
labeller/manifest.go
Outdated
| // Noop label | ||
| if _, ok := updatedManifest.GetLabels()["imagemanifestvuln.example"]; ok { | ||
| return nil | ||
| } |
There was a problem hiding this comment.
Put this before updatedManifest is called.
labeller/labeller.go
Outdated
| @@ -506,3 +511,12 @@ func (l *Labeller) podInNamespaces(pod *corev1.Pod) bool { | |||
| } | |||
| return false | |||
| } | |||
|
|
|||
| func (l *Labeller) handleNoop(obj, oldObj *secscanv1alpha1.ImageManifestVuln) { | |||
| if _, ok := obj.GetLabels()["imagemanifestvuln.example"]; ok && !reflect.DeepEqual(obj.Spec, oldObj.Spec) { | |||
There was a problem hiding this comment.
Should we change the label name to something more descriptive?
imagemanifestvuln.skipgc?
Also, is an annotation better for this use case?
|
|
||
| func (l *Labeller) handleNoop(obj, oldObj *secscanv1alpha1.ImageManifestVuln) { | ||
| if _, ok := obj.GetLabels()["imagemanifestvuln.example"]; ok && !reflect.DeepEqual(obj.Spec, oldObj.Spec) { | ||
| _, err := l.sclient.SecscanV1alpha1().ImageManifestVulns(obj.GetNamespace()).UpdateStatus(updateImageManifestVulnLastUpdate(obj)) |
There was a problem hiding this comment.
It's not really a noop if it's updating the status.
There was a problem hiding this comment.
Right, noop isn't the best wording. We're essentially trying to implement something that will pass the operator-scorecard test that assumes that a user will create an ImageManifestVuln from the alm-examples annotation on our CSV, and expects the status block to change if they update the spec. This Operator doesn't work like that, but we can add a special handler for it.
alecmerdler
force-pushed
the
noop-handler
branch
2 times, most recently
from
649685d to
f208adf
Compare
|
Holding off on merging until I confirm it passes the |
alecmerdler
force-pushed
the
noop-handler
branch
from
f208adf to
dba8174
Compare
|
@alecmerdler: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Description
If an
ImageManifestVulnis created by a user with the noop label, don't garbage collect it.Fixes this test issue with
operator-scorecard