From fe0978b88acf0d358ad370148f430dffa9c8b8fe Mon Sep 17 00:00:00 2001 From: Romain Arnaud Date: Wed, 13 Nov 2024 15:33:54 -0500 Subject: [PATCH] fix: ACS tasks * fix copy-paste typo in output * add retry mechanism to acs-image-scan to help with RHTAPBUGS-1316 --- .../0.1/acs-deploy-check.yaml | 2 +- task/acs-image-check/0.1/acs-image-check.yaml | 2 +- task/acs-image-scan/0.1/acs-image-scan.yaml | 39 ++++++++++++------- 3 files changed, 27 insertions(+), 16 deletions(-) diff --git a/task/acs-deploy-check/0.1/acs-deploy-check.yaml b/task/acs-deploy-check/0.1/acs-deploy-check.yaml index 68186a489..e22346798 100644 --- a/task/acs-deploy-check/0.1/acs-deploy-check.yaml +++ b/task/acs-deploy-check/0.1/acs-deploy-check.yaml @@ -50,7 +50,7 @@ spec: image: registry.redhat.io/openshift4/ose-cli:4.13@sha256:73df37794ffff7de1101016c23dc623e4990810390ebdabcbbfa065214352c7c script: | #!/usr/bin/env bash - echo "acs-image-scan $(context.taskRun.name)" + echo "acs-deploy-check $(context.taskRun.name)" oc annotate taskrun $(context.taskRun.name) task.results.format=application/json oc annotate taskrun $(context.taskRun.name) task.results.type=roxctl-deployment-check oc annotate taskrun $(context.taskRun.name) task.results.container=step-report diff --git a/task/acs-image-check/0.1/acs-image-check.yaml b/task/acs-image-check/0.1/acs-image-check.yaml index 4ea39fa5f..357ddb7aa 100644 --- a/task/acs-image-check/0.1/acs-image-check.yaml +++ b/task/acs-image-check/0.1/acs-image-check.yaml @@ -46,7 +46,7 @@ spec: image: registry.redhat.io/openshift4/ose-cli:4.13@sha256:73df37794ffff7de1101016c23dc623e4990810390ebdabcbbfa065214352c7c script: | #!/usr/bin/env bash - echo "acs-image-scan $(context.taskRun.name)" + echo "acs-image-check $(context.taskRun.name)" oc annotate taskrun $(context.taskRun.name) task.results.format=application/json oc annotate taskrun $(context.taskRun.name) task.results.type=roxctl-image-check oc annotate taskrun $(context.taskRun.name) task.results.container=step-report diff --git a/task/acs-image-scan/0.1/acs-image-scan.yaml b/task/acs-image-scan/0.1/acs-image-scan.yaml index 027a2798b..c4d6146b8 100644 --- a/task/acs-image-scan/0.1/acs-image-scan.yaml +++ b/task/acs-image-scan/0.1/acs-image-scan.yaml @@ -129,20 +129,31 @@ spec: echo "roxctl image scan" IMAGE=${PARAM_IMAGE}@${PARAM_IMAGE_DIGEST} - ./roxctl image scan \ - $( [ "${PARAM_INSECURE_SKIP_TLS_VERIFY}" = "true" ] && \ - echo -n "--insecure-skip-tls-verify") \ - -e "${ROX_CENTRAL_ENDPOINT}" --image "$IMAGE" --output json --force \ - > roxctl_image_scan_output.json - image_scan_err_code=$? - cp roxctl_image_scan_output.json /steps-shared-folder/acs-image-scan.json - if [ $image_scan_err_code -ne 0 ]; then - cat roxctl_image_scan_output.json - note='ACS image scan failed to process the image. See the task logs for more details.' - echo $note - set_test_output_result ERROR "$note" - exit 2 - fi + retry=3 + while true; do + retry=$(( retry - 1 )) + ./roxctl image scan \ + $( [ "${PARAM_INSECURE_SKIP_TLS_VERIFY}" = "true" ] && \ + echo -n "--insecure-skip-tls-verify") \ + -e "${ROX_CENTRAL_ENDPOINT}" --image "$IMAGE" --output json --force \ + > roxctl_image_scan_output.json + image_scan_err_code=$? + cp -f roxctl_image_scan_output.json /steps-shared-folder/acs-image-scan.json + if [ $image_scan_err_code -ne 0 ]; then + cat roxctl_image_scan_output.json + if [ "$(grep -c "context deadline exceeded" roxctl_image_scan_output.json)" -ne 0 ] && [ $retry -gt 0 ]; then + echo "Retry in 5m" + sleep 300 + else + note='ACS image scan failed to process the image. See the task logs for more details.' + echo "$note" + set_test_output_result ERROR "$note" + exit 2 + fi + else + break + fi + done # Set SCAN_OUTPUT result critical=$(cat roxctl_image_scan_output.json | grep -oP '(?<="CRITICAL": )\d+')