Skip to content

Commit

Permalink
Fix publishing EE image to RH registry [v5.1.7]
Browse files Browse the repository at this point in the history
  • Loading branch information
ldziedziul committed Feb 1, 2024
1 parent 7fc39a0 commit 761bd41
Showing 1 changed file with 12 additions and 14 deletions.
26 changes: 12 additions & 14 deletions .github/scripts/publish-rhel.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
#!/bin/bash

set -euo pipefail ${RUNNER_DEBUG:+-x}

get_image()
{
local PUBLISHED=$1
Expand All @@ -16,7 +18,7 @@ get_image()
fi

local FILTER="filter=deleted==false;${PUBLISHED_FILTER}"
local INCLUDE="include=total,data.repositories.tags.name,data.scan_status,data._id"
local INCLUDE="include=total,data.repositories.tags.name,data.certified,data.container_grades,data._id"

local RESPONSE=$( \
curl --silent \
Expand Down Expand Up @@ -44,13 +46,14 @@ wait_for_container_scan()
# Wait until the image is scanned
for i in `seq 1 ${NOF_RETRIES}`; do
local IMAGE=$(get_image not_published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].scan_status')
local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].container_grades.status')
local IMAGE_CERTIFIED=$(echo "$IMAGE" | jq -r '.data[0].certified')

if [[ $SCAN_STATUS == "in progress" ]]; then
echo "Scanning in progress, waiting..."
elif [[ $SCAN_STATUS == "null" ]]; then
echo "Image is still not present in the registry!"
elif [[ $SCAN_STATUS == "passed" ]]; then
elif [[ $SCAN_STATUS == "completed" && "$IMAGE_CERTIFIED" == "true" ]]; then
echo "Scan passed!" ; return 0
else
echo "Scan failed!" ; return 1
Expand All @@ -76,9 +79,10 @@ publish_the_image()
local IMAGE=$(get_image not_published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
local IMAGE_EXISTS=$(echo $IMAGE | jq -r '.total')
if [[ $IMAGE_EXISTS == "1" ]]; then
local SCAN_STATUS=$(echo $IMAGE | jq -r '.data[0].scan_status')
if [[ $SCAN_STATUS != "passed" ]]; then
echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\""
local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].container_grades.status')
local IMAGE_CERTIFIED=$(echo "$IMAGE" | jq -r '.data[0].certified')
if [[ $SCAN_STATUS != "completed" || "$IMAGE_CERTIFIED" != "true" ]]; then
echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\" and certified is \"${IMAGE_CERTIFIED}\""
return 1
fi
else
Expand Down Expand Up @@ -113,14 +117,8 @@ sync_tags()

local IMAGE=$(get_image published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
local IMAGE_EXISTS=$(echo $IMAGE | jq -r '.total')
if [[ $IMAGE_EXISTS != "0" ]]; then
local SCAN_STATUS=$(echo $IMAGE | jq -r '.data[0].scan_status')
if [[ $SCAN_STATUS != "passed" ]]; then
echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\""
return 1
fi
else
echo "Image you are trying to publish does not exist."
if [[ $IMAGE_EXISTS == "0" ]]; then
echo "Image you are trying to sync does not exist."
return 1
fi

Expand Down

0 comments on commit 761bd41

Please sign in to comment.