From 43b847f9a4be80cc5639593307b6f8f609551cae Mon Sep 17 00:00:00 2001
From: Michele Mangili <michele.mangili@sysdig.com>
Date: Thu, 31 Aug 2023 09:46:22 +0200
Subject: [PATCH] fix(cluster-scanner): corrected parsing of
 onPremCompatibilityVersion param

---
 charts/cluster-scanner/templates/_helpers.tpl |  4 +-
 .../tests/deployment_test.yaml                | 88 +++++++++++++++++--
 2 files changed, 83 insertions(+), 9 deletions(-)

diff --git a/charts/cluster-scanner/templates/_helpers.tpl b/charts/cluster-scanner/templates/_helpers.tpl
index 77a7f83ab..84cf06f2e 100644
--- a/charts/cluster-scanner/templates/_helpers.tpl
+++ b/charts/cluster-scanner/templates/_helpers.tpl
@@ -208,7 +208,7 @@ Define the proper imageRegistry to use for imageSbomExtractor
 {{/*
 Cluster scanner version compatibility check.
 
-If .Values.onPremCompatibilityVersion is set to 6.2, it checks whether
+If .Values.onPremCompatibilityVersion is set to 6.5.0 or below, it checks whether
 the provided tag is < 1.0.0 .
 
 Otherwise, it checks if the provided tag is >= 1.0.0 .
@@ -218,7 +218,7 @@ Version tags must be semver2-compatible otherwise no check will be performed.
 {{- define "cluster-scanner.checkVersionCompatibility" -}}
 {{- if regexMatch "^[0-9]+\\.[0-9]+\\.[0-9]+.*" .Tag -}}
     {{- $version := semver .Tag -}}
-    {{- if and (hasKey (default .Values dict) "onPremCompatibilityVersion") (eq .Values.onPremCompatibilityVersion "6.2") -}}
+    {{- if and (hasKey (default .Values dict) "onPremCompatibilityVersion") (eq (semver .Values.onPremCompatibilityVersion | (semver "6.5.0").Compare) 1) -}}
         {{- if ne ($version | (semver "1.0.0").Compare) 1 -}}
             {{- fail (printf "incompatible version for %s, set %s expected < 1.0.0" .Component .Tag) -}}
         {{- end -}}
diff --git a/charts/cluster-scanner/tests/deployment_test.yaml b/charts/cluster-scanner/tests/deployment_test.yaml
index abd443961..4f1cb3c4a 100644
--- a/charts/cluster-scanner/tests/deployment_test.yaml
+++ b/charts/cluster-scanner/tests/deployment_test.yaml
@@ -214,7 +214,7 @@ tests:
       - failedTemplate:
           errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 4.3.4 expected < 1.0.0"
 
-  - it: "fails if the onPremCompatibilityVersion is not set to 6.2 the imageSbomExtractor version is incorrect"
+  - it: "fails if the onPremCompatibilityVersion is set to 6.2 and the imageSbomExtractor version is incorrect"
     templates:
       - ../templates/deployment.yaml
     set:
@@ -230,17 +230,61 @@ tests:
       - ../templates/deployment.yaml
     set:
       onPremCompatibilityVersion: "6.3"
+      runtimeStatusIntegrator.image.tag: "4.3.4"
+      imageSbomExtractor.image.tag: "0.3.4"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 4.3.4 expected < 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.3 and the imageSbomExtractor version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.3"
+      runtimeStatusIntegrator.image.tag: "0.0.1"
+      imageSbomExtractor.image.tag: "6.1.0"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 6.1.0 expected < 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.5 and the runtimeStatusIntegrator version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.5"
       runtimeStatusIntegrator.image.tag: "0.3.4"
       imageSbomExtractor.image.tag: "1.3.4"
     asserts:
       - failedTemplate:
           errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 1.0.0"
 
-  - it: "fails if the onPremCompatibilityVersion is not set to 6.3 the imageSbomExtractor version is incorrect"
+  - it: "fails if the onPremCompatibilityVersion is set to 6.5 and the imageSbomExtractor version is incorrect"
     templates:
       - ../templates/deployment.yaml
     set:
-      onPremCompatibilityVersion: "6.3"
+      onPremCompatibilityVersion: "6.5"
+      runtimeStatusIntegrator.image.tag: "1.3.4"
+      imageSbomExtractor.image.tag: "0.1.0"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 0.1.0 expected >= 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.6 and the runtimeStatusIntegrator version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.6"
+      runtimeStatusIntegrator.image.tag: "0.3.4"
+      imageSbomExtractor.image.tag: "1.3.4"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.6 and the imageSbomExtractor version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.6"
       runtimeStatusIntegrator.image.tag: "1.3.4"
       imageSbomExtractor.image.tag: "0.1.0"
     asserts:
@@ -282,6 +326,21 @@ tests:
       - ../templates/deployment.yaml
     set:
       onPremCompatibilityVersion: "6.3"
+      runtimeStatusIntegrator.image.tag: "0.3.4"
+      imageSbomExtractor.image.tag: "0.9.10"
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: quay.io/sysdig/runtime-status-integrator:0.3.4
+      - equal:
+          path: spec.template.spec.containers[1].image
+          value: quay.io/sysdig/image-sbom-extractor:0.9.10
+
+  - it: "succeeds if the onPremCompatibilityVersion is set to 6.5 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.5"
       runtimeStatusIntegrator.image.tag: "2.3.4"
       imageSbomExtractor.image.tag: "1.0.0"
     asserts:
@@ -292,11 +351,26 @@ tests:
           path: spec.template.spec.containers[1].image
           value: quay.io/sysdig/image-sbom-extractor:1.0.0
 
-  - it: "succeeds if the runtimeStatusIntegrator version is not a semver and the onPremCompatibilityVersion is 6.2"
+  - it: "succeeds if the onPremCompatibilityVersion is set to 6.6 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
     templates:
       - ../templates/deployment.yaml
     set:
-      onPremCompatibilityVersion: "6.2"
+      onPremCompatibilityVersion: "6.6"
+      runtimeStatusIntegrator.image.tag: "2.3.4"
+      imageSbomExtractor.image.tag: "1.0.0"
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: quay.io/sysdig/runtime-status-integrator:2.3.4
+      - equal:
+          path: spec.template.spec.containers[1].image
+          value: quay.io/sysdig/image-sbom-extractor:1.0.0
+
+  - it: "succeeds if the runtimeStatusIntegrator version is not a semver and the onPremCompatibilityVersion is 6.4"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.4"
       runtimeStatusIntegrator.image.tag: "unstable-rc"
       imageSbomExtractor.image.tag: "0.9.0"
     asserts:
@@ -307,11 +381,11 @@ tests:
           path: spec.template.spec.containers[1].image
           value: quay.io/sysdig/image-sbom-extractor:0.9.0
 
-  - it: "succeeds if the imageSbomExtractor version is not a semver and the onPremCompatibilityVersion is 6.3"
+  - it: "succeeds if the imageSbomExtractor version is not a semver and the onPremCompatibilityVersion is 6.5"
     templates:
       - ../templates/deployment.yaml
     set:
-      onPremCompatibilityVersion: "6.3"
+      onPremCompatibilityVersion: "6.5"
       runtimeStatusIntegrator.image.tag: "1.3.5"
       imageSbomExtractor.image.tag: "3bc59a4958d15dfa6afed20dfd2459e268b4cda8"
     asserts: