-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Optional Restricted Network Check #858
Add Optional Restricted Network Check #858
Conversation
/hold |
b05a562
to
357e60c
Compare
My comments ended up on the commit and not this PR. :( Summary:
|
357e60c addresses golangci-lint complaints |
The 2.5% coverage decrease is also coming from the original commits related to the rebase - not this PR. |
357e60c
to
870d12c
Compare
Removing the hold on this as lib-->main has now merged, and this should no longer reflect those changes in this PR's commit history. Just the relevant changes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A nit, a question, and a bug.
870d12c
to
e835689
Compare
e835689
to
2e4f1be
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a small nit. I'll drop an approve in case you want to ignore it.
2e4f1be
to
4652a79
Compare
/lgtm |
4652a79
to
8638c7e
Compare
…eadiness guidelines have been applied Signed-off-by: Jose R. Gonzalez <jose@flutes.dev>
8638c7e
to
9dd58dd
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: acornett21, bcrochet, komish The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This PR is built off of the lib-->main rebase because that rebase has moved a majority of the library code into an internal package. This PR does the same for new code to avoid rework. If you want to review this before that merge happens, just click on the last commit of this commit stack, which should show you only the changes actually associated with this PR (e.g. b05a562 but this will change as I fix bugs)
This PR adds a check that attempts to review a CSV for hints that the developer has implemented guidelines to support clusters that have restricted networks. This boils down to:
There's no technical way to validate that the third bullet results in a workload that respects this value. With that being said, OperatorSDK and operator-manifest-tools will automatically pin tagged images to their digest values if they're prefixed with this string, and so it makes sense to at least look for them to try to increase the confidence that things will work as expected.
This check is marked as optional. It may fail, but that failure does not block overall results, or reflect as a failed check.
Note that a majority of this check's logic was thrown into a library (internal/csv) just to make it easier to test.