Skip to content

Commit

Permalink
add scratch policy exception support for os_content_type
Browse files Browse the repository at this point in the history
Signed-off-by: Adam D. Cornett <[email protected]>
  • Loading branch information
acornett21 committed Jun 5, 2023
1 parent 14dfc9d commit 089e1b9
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 2 deletions.
9 changes: 9 additions & 0 deletions internal/lib/fakes_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,15 @@ func gpFuncReturnScratchException(ctx context.Context) (*pyxis.CertProject, erro
}, nil
}

// gpFuncReturnScratchImageException implements gpFunc and returns a scratch image exception.
func gpFuncReturnScratchImageException(ctx context.Context) (*pyxis.CertProject, error) {
return &pyxis.CertProject{
Container: pyxis.Container{
OsContentType: "Scratch Image",
},
}, nil
}

// gpFuncReturnRootException implements gpFunc and returns a root exception.
func gpFuncReturnRootException(ctx context.Context) (*pyxis.CertProject, error) {
return &pyxis.CertProject{
Expand Down
2 changes: 1 addition & 1 deletion internal/lib/lib.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ func GetContainerPolicyExceptions(ctx context.Context, pc PyxisClient) (policy.P
return "", fmt.Errorf("could not retrieve project: %w", err)
}
logger.V(log.DBG).Info("certification project", "name", certProject.Name)
if certProject.Container.Type == "scratch" {
if certProject.Container.Type == "scratch" || certProject.Container.OsContentType == "Scratch Image" {
return policy.PolicyScratch, nil
}

Expand Down
9 changes: 8 additions & 1 deletion internal/lib/types_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -71,13 +71,20 @@ var _ = Describe("Policy Resolution", func() {
Expect(err).To(HaveOccurred())
})

It("should return a scratch policy exception if the project has the flag in the API", func() {
It("should return a scratch policy exception if the project has type flag in the API", func() {
fakePC.getProjectsFunc = gpFuncReturnScratchException
p, err := GetContainerPolicyExceptions(context.TODO(), fakePC)
Expect(p).To(Equal(policy.PolicyScratch))
Expect(err).ToNot(HaveOccurred())
})

It("should return a scratch policy exception if the project has os_content_type flag in the API", func() {
fakePC.getProjectsFunc = gpFuncReturnScratchImageException
p, err := GetContainerPolicyExceptions(context.TODO(), fakePC)
Expect(p).To(Equal(policy.PolicyScratch))
Expect(err).ToNot(HaveOccurred())
})

It("should return a root policy exception if the project has the flag in the API", func() {
fakePC.getProjectsFunc = gpFuncReturnRootException
p, err := GetContainerPolicyExceptions(context.TODO(), fakePC)
Expand Down

0 comments on commit 089e1b9

Please sign in to comment.