search

sigstore / policy-controller

Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
Other
123 stars 55 forks source link

Upgrade scaffolding to v0.7.2 #1488

Closed malancas closed 3 months ago

malancas commented 3 months ago

Summary

Upgrade scaffolding to v0.7.2 in the Kind related workflows. This will resolve the metallb related errors we are seeing in the Kind testing workflows.

Release Note

Documentation

malancas commented 3 months ago

cc @hectorj2f @vaikas just wanted to let you both know

vaikas commented 3 months ago

Looks like 7.2 was cut? Can we try with that?

vaikas commented 3 months ago

Looks like both tests failed with expired TUF root 🤔 

--- FAIL: TestClientFromSerializedMirror (0.00s)
    repo_test.go:206: Failed to unserialize repo: failed to update TUF client: tuf: failed to decode root.json: expired at 2024-06-14 18:52:45 +0000 UTC
malancas commented 3 months ago

Looks like 7.2 was cut? Can we try with that?

Perfect timing, just updated to 7.2

vaikas commented 3 months ago

Looks like it failed again, haha, looks like the testdata needs to be recreated: https://github.com/sigstore/policy-controller/blob/f099546d3ce22170217ac170191c3b7e97371ab9/pkg/tuf/repo_test.go#L73

malancas commented 3 months ago

Throwing this back into draft while I work on the other test failures.

hectorj2f commented 3 months ago

@malancas Do you know how to fix the tuf expiration ? Otherwise I can take some time tomorrow morning to fix it.

malancas commented 3 months ago

@malancas Do you know how to fix the tuf expiration ? Otherwise I can take some time tomorrow morning to fix it.

I don't think so. I'll remove the initial TUF changes from this PR and just let this update the scaffolding version if you have time to work on the TUF expiration.

hectorj2f commented 3 months ago

@malancas You could cherry pick my changes from here https://github.com/sigstore/policy-controller/pull/1496 if you prefer.

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 42.28%. Comparing base (50ef092) to head (1351172). Report is 98 commits behind head on main.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1488 +/- ## =========================================== - Coverage 52.92% 42.28% -10.65% =========================================== Files 44 121 +77 Lines 3979 7168 +3189 =========================================== + Hits 2106 3031 +925 - Misses 1651 3783 +2132 - Partials 222 354 +132 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

cpanato commented 3 months ago

thanks @malancas for the fix! i did a rebase to unblock ci and we were able to merge the other PRs in the queue, hope you dont mind