Add lib to preflight

Testing the lib Switch back to old repo name Dep updates Operator Framework update lock otel more dep updates Dep update update deps Add NewManualConfig Add NewManualOperatorConfig Rename back Address comments; move lib to /internal Remove manual config funcs enable testing in lib package and add operator instantiator coverage Signed-off-by: Jose R. Gonzalez <jose@flutes.dev> correct case for comments on newly exported types and functons Signed-off-by: Jose R. Gonzalez <jose@flutes.dev> remove duplicate writeJUnit func and migrate test Signed-off-by: Jose R. Gonzalez <jose@flutes.dev>
redhat-openshift-ecosystem · Oct 25, 2022 · f1a88e5 · f1a88e5
1 parent a41492b
commit f1a88e5
Show file tree

Hide file tree

Showing 15 changed files with 953 additions and 865 deletions.
diff --git a/certification/runtime/result_writer.go b/certification/runtime/result_writer.go
@@ -5,7 +5,7 @@ import (
 	"os"
 )
 
-// ResultWriterFile implements a resultWriter for use at preflight runtime.
+// ResultWriterFile implements a ResultWriter for use at preflight runtime.
 type ResultWriterFile struct {
 	file *os.File
 }

diff --git a/cmd/check.go b/cmd/check.go
@@ -1,16 +1,8 @@
 package cmd
 
 import (
-	"bytes"
-	"context"
-	"fmt"
 	"strings"
 
-	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/artifacts"
-	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/formatters"
-	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/runtime"
-
-	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@@ -36,52 +28,10 @@ func checkCmd() *cobra.Command {
 	return checkCmd
 }
 
-// writeJUnit will write results as JUnit XML using the built-in formatter.
-func writeJUnit(ctx context.Context, results runtime.Results) error {
-	var cfg runtime.Config
-	cfg.ResponseFormat = "junitxml"
-
-	junitformatter, err := formatters.NewForConfig(cfg.ReadOnly())
-	if err != nil {
-		return err
-	}
-	junitResults, err := junitformatter.Format(ctx, results)
-	if err != nil {
-		return err
-	}
-
-	junitFilename, err := artifacts.WriteFile("results-junit.xml", bytes.NewReader((junitResults)))
-	if err != nil {
-		return err
-	}
-	log.Tracef("JUnitXML written to %s", junitFilename)
-
-	return nil
-}
-
 func resultsFilenameWithExtension(ext string) string {
 	return strings.Join([]string{"results", ext}, ".")
 }
 
-func buildConnectURL(projectID string) string {
-	connectURL := fmt.Sprintf("https://connect.redhat.com/projects/%s", projectID)
-
-	pyxisEnv := viper.GetString("pyxis_env")
-	if len(pyxisEnv) > 0 && pyxisEnv != "prod" {
-		connectURL = fmt.Sprintf("https://connect.%s.redhat.com/projects/%s", viper.GetString("pyxis_env"), projectID)
-	}
-
-	return connectURL
-}
-
-func buildOverviewURL(projectID string) string {
-	return fmt.Sprintf("%s/overview", buildConnectURL(projectID))
-}
-
-func buildScanResultsURL(projectID string, imageID string) string {
-	return fmt.Sprintf("%s/images/%s/scan-results", buildConnectURL(projectID), imageID)
-}
-
 func convertPassedOverall(passedOverall bool) string {
 	if passedOverall {
 		return "PASSED"

diff --git a/cmd/check_container.go b/cmd/check_container.go
@@ -1,15 +1,13 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 	"strings"
 
 	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification"
-	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/engine"
 	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/formatters"
-	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/policy"
 	"github.com/redhat-openshift-ecosystem/openshift-preflight/certification/runtime"
+	"github.com/redhat-openshift-ecosystem/openshift-preflight/internal/lib"
 	"github.com/redhat-openshift-ecosystem/openshift-preflight/version"
 
 	log "github.com/sirupsen/logrus"
@@ -52,53 +50,6 @@ func checkContainerCmd() *cobra.Command {
 	return checkContainerCmd
 }
 
-// checkContainerRunner contains all of the components necessary to run checkContainer.
-type checkContainerRunner struct {
-	cfg       *runtime.Config
-	pc        pyxisClient
-	eng       engine.CheckEngine
-	formatter formatters.ResponseFormatter
-	rw        resultWriter
-	rs        resultSubmitter
-}
-
-func newCheckContainerRunner(ctx context.Context, cfg *runtime.Config) (*checkContainerRunner, error) {
-	cfg.Policy = policy.PolicyContainer
-	cfg.Submit = submit
-
-	pyxisClient := newPyxisClient(ctx, cfg.ReadOnly())
-	// If we have a pyxisClient, we can query for container policy exceptions.
-	if pyxisClient != nil {
-		policy, err := getContainerPolicyExceptions(ctx, pyxisClient)
-		if err != nil {
-			return nil, err
-		}
-
-		cfg.Policy = policy
-	}
-
-	engine, err := engine.NewForConfig(ctx, cfg.ReadOnly())
-	if err != nil {
-		return nil, err
-	}
-
-	fmttr, err := formatters.NewForConfig(cfg.ReadOnly())
-	if err != nil {
-		return nil, err
-	}
-
-	rs := resolveSubmitter(pyxisClient, cfg.ReadOnly())
-
-	return &checkContainerRunner{
-		cfg:       cfg,
-		pc:        pyxisClient,
-		eng:       engine,
-		formatter: fmttr,
-		rw:        &runtime.ResultWriterFile{},
-		rs:        rs,
-	}, nil
-}
-
 // checkContainerRunE executes checkContainer using the user args to inform the execution.
 func checkContainerRunE(cmd *cobra.Command, args []string) error {
 	log.Info("certification library version ", version.Version.String())
@@ -114,62 +65,23 @@ func checkContainerRunE(cmd *cobra.Command, args []string) error {
 	cfg.Image = containerImage
 	cfg.ResponseFormat = formatters.DefaultFormat
 
-	checkContainer, err := newCheckContainerRunner(ctx, cfg)
+	checkContainer, err := lib.NewCheckContainerRunner(ctx, cfg, submit)
 	if err != nil {
 		return err
 	}
 
 	// Run the  container check.
 	cmd.SilenceUsage = true
-	return preflightCheck(ctx,
-		checkContainer.cfg,
-		checkContainer.pc,
-		checkContainer.eng,
-		checkContainer.formatter,
-		checkContainer.rw,
-		checkContainer.rs,
+	return lib.PreflightCheck(ctx,
+		checkContainer.Cfg,
+		checkContainer.Pc,
+		checkContainer.Eng,
+		checkContainer.Formatter,
+		checkContainer.Rw,
+		checkContainer.Rs,
 	)
 }
 
-// resolveSubmitter will build out a resultSubmitter if the provided pyxisClient, pc, is not nil.
-// The pyxisClient is a required component of the submitter. If pc is nil, then a noop submitter
-// is returned instead, which does nothing.
-func resolveSubmitter(pc pyxisClient, cfg certification.Config) resultSubmitter {
-	if pc != nil {
-		return &containerCertificationSubmitter{
-			certificationProjectID: cfg.CertificationProjectID(),
-			pyxis:                  pc,
-			dockerConfig:           cfg.DockerConfig(),
-			preflightLogFile:       cfg.LogFile(),
-		}
-	}
-
-	return &noopSubmitter{emitLog: true}
-}
-
-// getContainerPolicyExceptions will query Pyxis to determine if
-// a given project has a certification excemptions, such as root or scratch.
-// This will then return the corresponding policy.
-//
-// If no policy exception flags are found on the project, the standard
-// container policy is returned.
-func getContainerPolicyExceptions(ctx context.Context, pc pyxisClient) (policy.Policy, error) {
-	certProject, err := pc.GetProject(ctx)
-	if err != nil {
-		return "", fmt.Errorf("could not retrieve project: %w", err)
-	}
-	log.Debugf("Certification project name is: %s", certProject.Name)
-	if certProject.Container.Type == "scratch" {
-		return policy.PolicyScratch, nil
-	}
-
-	// if a partner sets `Host Level Access` in connect to `Privileged`, enable RootExceptionContainerPolicy checks
-	if certProject.Container.Privileged {
-		return policy.PolicyRoot, nil
-	}
-	return policy.PolicyContainer, nil
-}
-
 func checkContainerPositionalArgs(cmd *cobra.Command, args []string) error {
 	if len(args) != 1 {
 		return fmt.Errorf("a container image positional argument is required")