Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow for adding new artifacts to an existing occurrence #4

Merged
merged 6 commits into from
Mar 29, 2021

Conversation

alexashley
Copy link
Contributor

Along with the work in #3, this closes #1

This is to account for workflows where an artifact is built and pushed to a registry in a lower environment and then retagged and pushed to a registry in a production environment. This is common at larger companies that want to restrict who can deploy production artifacts, but still want to allow for fast iteration in lower environments.

Add a build occurrence:

curl  \
  --url http://localhost:8083/v1alpha1/builds \
  --header 'Content-Type: application/json' \
  --data '{
	"commitId": "639550538727a298ed0757cdf8d1526d65eb5328",
	"repository": "https://github.com/rode/collector-build",
	"artifacts": [
		"ghcr.io/rode/collector-build@sha256:12345"
	]
}'

Update with the prod artifact:

curl --request PUT \
  --url http://localhost:8083/v1alpha1/builds \
  --header 'Content-Type: application/json' \
  --data '{
	"existingArtifact": "ghcr.io/rode/collector-build@sha256:12345",
	"newArtifact": "ghcr.io/rode/collector-build@sha256:PROD"
}
'

If there are multiple occurrences that match the artifact, the oldest is used. We could potentially allow for multiple to updated if there's a use case for that.

Id: extractOccurrenceIdFromName(occurrence.Name),
Occurrence: occurrence,
UpdateMask: &field_mask.FieldMask{
Paths: []string{"details.build.provenance.built_artifacts"},
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll open a grafeas-elasticsearch issue to track this, but this field mask path is actually invalid, because details is a oneof field, it shouldn't appear in the mask path at all (same reason that it isn't serialized when converting a proto to text or json).

However, the utils library we use in grafeas-elasticsearch ignores the mask if we don't specify the oneof field name. We attempted to fix this, but it's a bit of a pain to do correctly, since there's no built-in support for merging proto messages in Go with a field mask (but there is for other languages).

See this issue for more info (trying not to have GH auto-reference it since it's closed):

https://github.com/mennanov/fieldmask-utils/pull/15

server/server.go Outdated
Paths: []string{"details.build.provenance.built_artifacts"},
}})

log.Debug("UpdateOccurrence response", zap.Any("response", res))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpick: I'd move this after the err check, since this won't be useful if err != nil as res will be nil anyways.

left := response.Occurrences[l].CreateTime.AsTime()
right := response.Occurrences[r].CreateTime.AsTime()

return left.Before(right)

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we sure we want earliest? Is most current the most valid? HA... Maybe it shouldn't happen but I bet we'd want the latest one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Create example build occurrence collector for rode
4 participants