fix(cluster-scanner): corrected parsing of onPremCompatibilityVersion…

… param (#1323)
sysdiglabs · Sep 1, 2023 · 89d4975 · 89d4975
1 parent eefb470
commit 89d4975
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 14 deletions.
diff --git a/charts/cluster-scanner/Chart.yaml b/charts/cluster-scanner/Chart.yaml
@@ -4,7 +4,7 @@ description: Sysdig Cluster Scanner
 
 type: application
 
-version: 0.5.0
+version: 0.5.1
 
 appVersion: "0.1.0"
 home: https://www.sysdig.com/

diff --git a/charts/cluster-scanner/README.md b/charts/cluster-scanner/README.md
@@ -25,7 +25,7 @@ $ pre-commit run -a
 $ helm repo add sysdig https://charts.sysdig.com
 $ helm repo update
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-      --create-namespace -n sysdig --version=0.5.0  \
+      --create-namespace -n sysdig --version=0.5.1  \
       --set global.clusterConfig.name=CLUSTER_NAME \
       --set global.sysdig.region=SYSDIG_REGION \
       --set global.sysdig.accessKey=YOUR-KEY-HERE
@@ -55,7 +55,7 @@ To install the chart with the release name `cluster-scanner`, run:
 
 ```console
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-       --create-namespace -n sysdig --version=0.5.0 \
+       --create-namespace -n sysdig --version=0.5.1 \
        --set global.clusterConfig.name=CLUSTER_NAME \
        --set global.sysdig.region=SYSDIG_REGION \
        --set global.sysdig.accessKey=YOUR-KEY-HERE
@@ -159,7 +159,7 @@ Specify each parameter using the **`--set key=value[,key=value]`** argument to `
 
 ```console
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-    --create-namespace -n sysdig --version=0.5.0 \
+    --create-namespace -n sysdig --version=0.5.1 \
     --set global.sysdig.region="us1"
 ```
 
@@ -168,7 +168,7 @@ installing the chart. For example:
 
 ```console
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-    --create-namespace -n sysdig --version=0.5.0 \
+    --create-namespace -n sysdig --version=0.5.1 \
     --values values.yaml
 ```
 

diff --git a/charts/cluster-scanner/templates/_helpers.tpl b/charts/cluster-scanner/templates/_helpers.tpl
@@ -208,7 +208,7 @@ Define the proper imageRegistry to use for imageSbomExtractor
 {{/*
 Cluster scanner version compatibility check.
 
-If .Values.onPremCompatibilityVersion is set to 6.2, it checks whether
+If .Values.onPremCompatibilityVersion is set to 6.5.0 or below, it checks whether
 the provided tag is < 1.0.0 .
 
 Otherwise, it checks if the provided tag is >= 1.0.0 .
@@ -218,7 +218,7 @@ Version tags must be semver2-compatible otherwise no check will be performed.
 {{- define "cluster-scanner.checkVersionCompatibility" -}}
 {{- if regexMatch "^[0-9]+\\.[0-9]+\\.[0-9]+.*" .Tag -}}
     {{- $version := semver .Tag -}}
-    {{- if and (hasKey (default .Values dict) "onPremCompatibilityVersion") (eq .Values.onPremCompatibilityVersion "6.2") -}}
+    {{- if and (hasKey (default .Values dict) "onPremCompatibilityVersion") (eq (semver .Values.onPremCompatibilityVersion | (semver "6.5.0").Compare) 1) -}}
         {{- if ne ($version | (semver "1.0.0").Compare) 1 -}}
             {{- fail (printf "incompatible version for %s, set %s expected < 1.0.0" .Component .Tag) -}}
         {{- end -}}

diff --git a/charts/cluster-scanner/tests/deployment_test.yaml b/charts/cluster-scanner/tests/deployment_test.yaml
@@ -214,7 +214,7 @@ tests:
       - failedTemplate:
           errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 4.3.4 expected < 1.0.0"
 
-  - it: "fails if the onPremCompatibilityVersion is not set to 6.2 the imageSbomExtractor version is incorrect"
+  - it: "fails if the onPremCompatibilityVersion is set to 6.2 and the imageSbomExtractor version is incorrect"
     templates:
       - ../templates/deployment.yaml
     set:
@@ -230,17 +230,61 @@ tests:
       - ../templates/deployment.yaml
     set:
       onPremCompatibilityVersion: "6.3"
+      runtimeStatusIntegrator.image.tag: "4.3.4"
+      imageSbomExtractor.image.tag: "0.3.4"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 4.3.4 expected < 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.3 and the imageSbomExtractor version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.3"
+      runtimeStatusIntegrator.image.tag: "0.0.1"
+      imageSbomExtractor.image.tag: "6.1.0"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 6.1.0 expected < 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.5 and the runtimeStatusIntegrator version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.5"
       runtimeStatusIntegrator.image.tag: "0.3.4"
       imageSbomExtractor.image.tag: "1.3.4"
     asserts:
       - failedTemplate:
           errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 1.0.0"
 
-  - it: "fails if the onPremCompatibilityVersion is not set to 6.3 the imageSbomExtractor version is incorrect"
+  - it: "fails if the onPremCompatibilityVersion is set to 6.5 and the imageSbomExtractor version is incorrect"
     templates:
       - ../templates/deployment.yaml
     set:
-      onPremCompatibilityVersion: "6.3"
+      onPremCompatibilityVersion: "6.5"
+      runtimeStatusIntegrator.image.tag: "1.3.4"
+      imageSbomExtractor.image.tag: "0.1.0"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 0.1.0 expected >= 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.6 and the runtimeStatusIntegrator version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.6"
+      runtimeStatusIntegrator.image.tag: "0.3.4"
+      imageSbomExtractor.image.tag: "1.3.4"
+    asserts:
+      - failedTemplate:
+          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 1.0.0"
+
+  - it: "fails if the onPremCompatibilityVersion is set to 6.6 and the imageSbomExtractor version is incorrect"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.6"
       runtimeStatusIntegrator.image.tag: "1.3.4"
       imageSbomExtractor.image.tag: "0.1.0"
     asserts:
@@ -282,6 +326,21 @@ tests:
       - ../templates/deployment.yaml
     set:
       onPremCompatibilityVersion: "6.3"
+      runtimeStatusIntegrator.image.tag: "0.3.4"
+      imageSbomExtractor.image.tag: "0.9.10"
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: quay.io/sysdig/runtime-status-integrator:0.3.4
+      - equal:
+          path: spec.template.spec.containers[1].image
+          value: quay.io/sysdig/image-sbom-extractor:0.9.10
+
+  - it: "succeeds if the onPremCompatibilityVersion is set to 6.5 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.5"
       runtimeStatusIntegrator.image.tag: "2.3.4"
       imageSbomExtractor.image.tag: "1.0.0"
     asserts:
@@ -292,11 +351,26 @@ tests:
           path: spec.template.spec.containers[1].image
           value: quay.io/sysdig/image-sbom-extractor:1.0.0
 
-  - it: "succeeds if the runtimeStatusIntegrator version is not a semver and the onPremCompatibilityVersion is 6.2"
+  - it: "succeeds if the onPremCompatibilityVersion is set to 6.6 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
     templates:
       - ../templates/deployment.yaml
     set:
-      onPremCompatibilityVersion: "6.2"
+      onPremCompatibilityVersion: "6.6"
+      runtimeStatusIntegrator.image.tag: "2.3.4"
+      imageSbomExtractor.image.tag: "1.0.0"
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: quay.io/sysdig/runtime-status-integrator:2.3.4
+      - equal:
+          path: spec.template.spec.containers[1].image
+          value: quay.io/sysdig/image-sbom-extractor:1.0.0
+
+  - it: "succeeds if the runtimeStatusIntegrator version is not a semver and the onPremCompatibilityVersion is 6.4"
+    templates:
+      - ../templates/deployment.yaml
+    set:
+      onPremCompatibilityVersion: "6.4"
       runtimeStatusIntegrator.image.tag: "unstable-rc"
       imageSbomExtractor.image.tag: "0.9.0"
     asserts:
@@ -307,11 +381,11 @@ tests:
           path: spec.template.spec.containers[1].image
           value: quay.io/sysdig/image-sbom-extractor:0.9.0
 
-  - it: "succeeds if the imageSbomExtractor version is not a semver and the onPremCompatibilityVersion is 6.3"
+  - it: "succeeds if the imageSbomExtractor version is not a semver and the onPremCompatibilityVersion is 6.5"
     templates:
       - ../templates/deployment.yaml
     set:
-      onPremCompatibilityVersion: "6.3"
+      onPremCompatibilityVersion: "6.5"
       runtimeStatusIntegrator.image.tag: "1.3.5"
       imageSbomExtractor.image.tag: "3bc59a4958d15dfa6afed20dfd2459e268b4cda8"
     asserts: