Skip to content

Commit

Permalink
featuregate flip panic testing
Browse files Browse the repository at this point in the history 
Signed-off-by: Qi Wang <qiwan@redhat.com>
  • Loading branch information
@QiWang19
QiWang19 committed Feb 21, 2024
1 parent fec7b41 commit 8fe4c20
Showing 1 changed file with 29 additions and 14 deletions.
43 changes: 29 additions & 14 deletions pkg/controller/container-runtime-config/container_runtime_config_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,11 @@ func New(
ctrl.featureGateAccess = featureGateAccess

ctrl.configInformerFactory = configInformerFactory
if ctrl.sigstoreAPIEnabled() {

enabled, err := ctrl.sigstoreAPIEnabled()
klog.Infof("imageverification sigstore FeatureGates: %v, error: %v", enabled, err)

if enabled {
ctrl.enableClusterImagePolicyHandler()
}

Expand All @@ -227,7 +231,10 @@ func (ctrl *Controller) Run(workers int, stopCh <-chan struct{}) {
defer ctrl.imgQueue.ShutDown()
listerCaches := []cache.InformerSynced{ctrl.mcpListerSynced, ctrl.mccrListerSynced, ctrl.ccListerSynced,
ctrl.imgListerSynced, ctrl.icspListerSynced, ctrl.idmsListerSynced, ctrl.itmsListerSynced, ctrl.clusterVersionListerSynced}
if ctrl.sigstoreAPIEnabled() {
enabled, err := ctrl.sigstoreAPIEnabled()
klog.Infof("imageverification sigstore FeatureGates: %v, error: %v", enabled, err)

if enabled {
ctrl.enableClusterImagePolicyHandler()
listerCaches = append(listerCaches, ctrl.clusterImagePolicyListerSynced)
}
Expand Down Expand Up @@ -307,34 +314,40 @@ func (ctrl *Controller) itmsConfDeleted(_ interface{}) {
}

func (ctrl *Controller) clusterImagePolicyAdded(_ interface{}) {
if !ctrl.sigstoreAPIEnabled() {
enabled, err := ctrl.sigstoreAPIEnabled()
klog.Infof("imageverification sigstore FeatureGates: %v, error: %v", enabled, err)
if !enabled {
return
}
ctrl.imgQueue.Add("openshift-config")
ctrl.imgQueue.Add("enable-sigstore-api")
}

func (ctrl *Controller) clusterImagePolicyUpdated(_, _ interface{}) {
if !ctrl.sigstoreAPIEnabled() {
enabled, err := ctrl.sigstoreAPIEnabled()
klog.Infof("imageverification sigstore FeatureGates: %v, error: %v", enabled, err)
if !enabled {
return
}
ctrl.imgQueue.Add("openshift-config")
ctrl.imgQueue.Add("enable-sigstore-api")
}

func (ctrl *Controller) clusterImagePolicyDeleted(_ interface{}) {
if !ctrl.sigstoreAPIEnabled() {
enabled, err := ctrl.sigstoreAPIEnabled()
klog.Infof("imageverification sigstore FeatureGates: %v, error: %v", enabled, err)
if !enabled {
return
}
ctrl.imgQueue.Add("openshift-config")
ctrl.imgQueue.Add("enable-sigstore-api")
}

func (ctrl *Controller) sigstoreAPIEnabled() bool {
func (ctrl *Controller) sigstoreAPIEnabled() (bool, error) {
featureGates, err := ctrl.featureGateAccess.CurrentFeatureGates()
if err != nil {
utilruntime.HandleError(fmt.Errorf("error getting current featuregates: %v", err))
return false
return false, err
}
klog.Infof("imageverification sigstore FeatureGates: %v", featureGates.Enabled(apicfgv1.FeatureGateSigstoreImageVerification))
return featureGates.Enabled(apicfgv1.FeatureGateSigstoreImageVerification)
// klog.Infof("imageverification sigstore FeatureGates: %v", featureGates.Enabled(apicfgv1.FeatureGateSigstoreImageVerification))
return featureGates.Enabled(apicfgv1.FeatureGateSigstoreImageVerification), nil
}

func (ctrl *Controller) enableClusterImagePolicyHandler() {
Expand Down Expand Up @@ -857,8 +870,10 @@ func (ctrl *Controller) syncImageConfig(key string) error {
clusterImagePolicies []*apicfgv1alpha1.ClusterImagePolicy
clusterScopePolicies map[string]signature.PolicyRequirements
)
if ctrl.sigstoreAPIEnabled() {
ctrl.enableClusterImagePolicyHandler()
enabled, err := ctrl.sigstoreAPIEnabled()
klog.Infof("imageverification sigstore FeatureGates: %v, error: %v, key: %v", enabled, err, key)

if enabled {
// Find all ClusterImagePolicy objects
clusterImagePolicies, err = ctrl.clusterImagePolicyLister.List(labels.Everything())
if err != nil && errors.IsNotFound(err) {
Expand Down

0 comments on commit 8fe4c20

Please sign in to comment.