Skip to content
This repository has been archived by the owner on Oct 13, 2023. It is now read-only.

Covscan: Fix the command and add RHEL 9 support #755

Merged
merged 1 commit into from
Apr 7, 2023
Merged

Covscan: Fix the command and add RHEL 9 support #755

merged 1 commit into from
Apr 7, 2023

Conversation

vfreex
Copy link
Contributor

@vfreex vfreex commented Apr 4, 2023
edited

  • Fixes images:covscan command for 4.13. SSL CA certificates are
    currently added too late so we see certificate errors with yum
    installs (rhsm-pulp.corp.redhat.com is now on HTTPS).
  • Fixes missing cppcheck package error by adding
    rhel-8-codeready-builder-rpms repo.
  • Adds support for scanning RHEL 9 based images.
  • Adds --podman-sudo flag. Unless specified, podman will be run in
    rootless mode so that we will not see files owned by root on Jenkins.
  • Adds --podman-tmpdir option to customize the directory for image
    downloads. Currently, this directory is a subdirectory of --result-archive,
    which might be on an NFS share that doesn't support SELinux labeling
    and cause SELinux issues.

@vfreex vfreex force-pushed the covscan-el9 branch 8 times, most recently from 39dacb4 to c16d301 Compare April 6, 2023 12:55
@vfreex vfreex changed the title [WIP] Covscan: Fix the command and add RHEL 9 support Covscan: Fix the command and add RHEL 9 support Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-eng openshift-eng deleted a comment from openshift-bot Apr 6, 2023
@openshift-bot
Copy link

Build #11

GLOB sdist-make: /mnt/workspace/jenkins/working/art-tools_doozer_PR-755/setup.py
py38 recreate: /mnt/workspace/jenkins/working/art-tools_doozer_PR-755/.tox/py38
py38 installdeps: -rrequirements-dev.txt, -rrequirements.txt
py38 inst: /mnt/workspace/jenkins/working/art-tools_doozer_PR-755/.tox/.tmp/package/1/rh-doozer-2.0.15.dev307+gc16d301.zip
py38 installed: aiofiles==23.1.0,aiohttp==3.8.4,aiosignal==1.3.1,astroid==2.15.2,async-timeout==4.0.2,asynctest==0.13.0,attrs==22.2.0,autopep8==2.0.2,bashlex==0.18,bcrypt==4.0.1,cachetools==5.3.0,certifi==2022.12.7,cffi==1.15.1,chardet==5.1.0,charset-normalizer==3.1.0,click==8.1.3,colorama==0.4.6,coverage==7.2.2,cryptography==40.0.1,decorator==5.1.1,defusedxml==0.7.1,Deprecated==1.2.13,dill==0.3.6,distlib==0.3.6,dockerfile-parse==2.0.0,exceptiongroup==1.1.1,filelock==3.10.7,flake8==6.0.0,flexmock==0.11.3,frozenlist==1.3.3,future==0.18.3,gssapi==1.8.2,idna==3.4,iniconfig==2.0.0,isort==5.12.0,jira==3.4.1,koji==1.32.1,krb5==0.5.0,lazy-object-proxy==1.9.0,mccabe==0.7.0,multidict==6.0.4,mysql-connector-python==8.0.32,oauthlib==3.2.2,openshift-client==1.0.18,packaging==23.0,paramiko==3.1.0,platformdirs==3.2.0,pluggy==1.0.0,protobuf==3.20.3,pycodestyle==2.10.0,pycparser==2.21,pyflakes==3.0.1,pygit2==1.10.1,PyGithub==1.58.1,PyJWT==2.6.0,pylint==2.17.2,PyNaCl==1.5.0,pyproject-api==1.5.1,pyspnego==0.8.0,pytest==7.2.2,python-dateutil==2.8.2,PyYAML==6.0,requests==2.28.2,requests-gssapi==1.2.3,requests-kerberos==0.14.0,requests-oauthlib==1.3.1,requests-toolbelt==0.10.1,rh-doozer @ file:///mnt/workspace/jenkins/working/art-tools_doozer_PR-755/.tox/.tmp/package/1/rh-doozer-2.0.15.dev307%2Bgc16d301.zip,semver==3.0.0,setuptools-scm==7.1.0,six==1.16.0,tenacity==8.2.2,tomli==2.0.1,tomlkit==0.11.7,tox==4.4.11,typing==3.7.4.3,typing-extensions==4.5.0,urllib3==1.26.15,virtualenv==20.21.0,wrapt==1.15.0,yarl==1.8.2
py38 run-test-pre: PYTHONHASHSEED='2787615435'
py38 run-test: commands[0] | coverage run --branch --source doozerlib -m unittest discover -t . -s tests/
..............................................................................................................................s.s....................................s.s...s.s.s..s.s.s.............................................................................
----------------------------------------------------------------------
Ran 250 tests in 1.746s

OK (skipped=10)
py38 run-test: commands[1] | flake8
py38 run-test: commands[2] | coverage report
Name                                          Stmts   Miss Branch BrPart  Cover
-------------------------------------------------------------------------------
doozerlib/__init__.py                            12      7      2      1    43%
doozerlib/_version.py                             2      2      0      0     0%
doozerlib/assembly.py                           163     32     91     11    76%
doozerlib/assembly_inspector.py                 178    159    100      0     7%
doozerlib/assertion.py                           13      0      6      0   100%
doozerlib/brew.py                               366    206    152      4    40%
doozerlib/build_status_detector.py               85     10     54      3    86%
doozerlib/cli/__init__.py                       122     64     28      0    39%
doozerlib/cli/__main__.py                      1132   1132    452      0     0%
doozerlib/cli/cli_opts.py                        20      3      8      0    89%
doozerlib/cli/config_plashet.py                 535    535    246      0     0%
doozerlib/cli/detect_embargo.py                 167     35     70      8    75%
doozerlib/cli/get_nightlies.py                  230     59    127      3    71%
doozerlib/cli/images_health.py                   82     30     26      2    59%
doozerlib/cli/images_streams.py                 687    687    296      0     0%
doozerlib/cli/inspect_stream.py                  66     66     28      0     0%
doozerlib/cli/release_calc_upgrade_tests.py      24     24      6      0     0%
doozerlib/cli/release_gen_assembly.py           262    146    112      1    39%
doozerlib/cli/release_gen_payload.py            695    260    294     19    58%
doozerlib/cli/rpms_build.py                     165     59     58      8    57%
doozerlib/cli/scan_sources.py                   182    141    100      2    17%
doozerlib/config.py                              97     97     44      0     0%
doozerlib/constants.py                           11      0      0      0   100%
doozerlib/coverity.py                           255    225     82      0     9%
doozerlib/dblib.py                              263    160     68      4    35%
doozerlib/distgit.py                           1540    989    746     40    33%
doozerlib/dotconfig.py                           54     43     31      0    13%
doozerlib/exceptions.py                           2      0      0      0   100%
doozerlib/exectools.py                          197    105     76     10    43%
doozerlib/gitdata.py                            171    137     76      0    14%
doozerlib/image.py                              500    328    216      6    28%
doozerlib/logutil.py                              9      0      2      1    91%
doozerlib/metadata.py                           432    151    184     30    61%
doozerlib/model.py                              113     21     36      2    82%
doozerlib/olm/__init__.py                         0      0      0      0   100%
doozerlib/olm/bundle.py                         315    230     72      0    22%
doozerlib/osbs2_builder.py                      119     30     44     19    67%
doozerlib/plashet.py                            134      9     90     15    89%
doozerlib/pushd.py                               22      2      2      0    92%
doozerlib/release_schedule.py                    28     17      8      0    31%
doozerlib/repos.py                              209    105    113     17    44%
doozerlib/rhcos.py                              202     41     68     12    75%
doozerlib/rpm_builder.py                        225     28    119     31    82%
doozerlib/rpm_utils.py                          134     33     90     11    74%
doozerlib/rpmcfg.py                             151     61     64      8    55%
doozerlib/runtime.py                            950    692    376      8    21%
doozerlib/source_modifications.py               116     33     26      4    68%
doozerlib/state.py                               23     12      8      0    35%
doozerlib/util.py                               452    217    180     13    48%
-------------------------------------------------------------------------------
TOTAL                                         11912   7423   5077    293    35%
___________________________________ summary ____________________________________
  py38: commands succeeded
  congratulations :)

@vfreex
Covscan: Fix the command and add RHEL 9 support
aad9795 
- Fixes `images:covscan` command for 4.13. SSL CA certificates are
  currently added too late so we see certificate errors with yum
installs (`rhsm-pulp.corp.redhat.com` is now on HTTPS).
- Fixes missing `cppcheck` package error by adding
  `rhel-8-codeready-builder-rpms` repo.
- Adds support for scanning RHEL 9 based images.
- Adds `--podman-sudo` flag. Unless specified, podman will be run in
  rootless mode so that we will not see files owned by root on Jenkins.
- Adds `--podman-tmpdir` option to customize the directory for image
  downloads. Currently, this directory is a subdirectory of `--result-archive`,
  which might be on an NFS share that doesn't support SELinux labeling
  and cause SELinux issues.
@openshift-bot
Copy link

Build #12

GLOB sdist-make: /mnt/workspace/jenkins/working/art-tools_doozer_PR-755/setup.py
py38 recreate: /mnt/workspace/jenkins/working/art-tools_doozer_PR-755/.tox/py38
py38 installdeps: -rrequirements-dev.txt, -rrequirements.txt
py38 inst: /mnt/workspace/jenkins/working/art-tools_doozer_PR-755/.tox/.tmp/package/1/rh-doozer-2.0.15.dev307+gaad9795.zip
py38 installed: aiofiles==23.1.0,aiohttp==3.8.4,aiosignal==1.3.1,astroid==2.15.2,async-timeout==4.0.2,asynctest==0.13.0,attrs==22.2.0,autopep8==2.0.2,bashlex==0.18,bcrypt==4.0.1,cachetools==5.3.0,certifi==2022.12.7,cffi==1.15.1,chardet==5.1.0,charset-normalizer==3.1.0,click==8.1.3,colorama==0.4.6,coverage==7.2.2,cryptography==40.0.1,decorator==5.1.1,defusedxml==0.7.1,Deprecated==1.2.13,dill==0.3.6,distlib==0.3.6,dockerfile-parse==2.0.0,exceptiongroup==1.1.1,filelock==3.10.7,flake8==6.0.0,flexmock==0.11.3,frozenlist==1.3.3,future==0.18.3,gssapi==1.8.2,idna==3.4,iniconfig==2.0.0,isort==5.12.0,jira==3.4.1,koji==1.32.1,krb5==0.5.0,lazy-object-proxy==1.9.0,mccabe==0.7.0,multidict==6.0.4,mysql-connector-python==8.0.32,oauthlib==3.2.2,openshift-client==1.0.18,packaging==23.0,paramiko==3.1.0,platformdirs==3.2.0,pluggy==1.0.0,protobuf==3.20.3,pycodestyle==2.10.0,pycparser==2.21,pyflakes==3.0.1,pygit2==1.10.1,PyGithub==1.58.1,PyJWT==2.6.0,pylint==2.17.2,PyNaCl==1.5.0,pyproject-api==1.5.1,pyspnego==0.8.0,pytest==7.2.2,python-dateutil==2.8.2,PyYAML==6.0,requests==2.28.2,requests-gssapi==1.2.3,requests-kerberos==0.14.0,requests-oauthlib==1.3.1,requests-toolbelt==0.10.1,rh-doozer @ file:///mnt/workspace/jenkins/working/art-tools_doozer_PR-755/.tox/.tmp/package/1/rh-doozer-2.0.15.dev307%2Bgaad9795.zip,semver==3.0.0,setuptools-scm==7.1.0,six==1.16.0,tenacity==8.2.2,tomli==2.0.1,tomlkit==0.11.7,tox==4.4.11,typing==3.7.4.3,typing-extensions==4.5.0,urllib3==1.26.15,virtualenv==20.21.0,wrapt==1.15.0,yarl==1.8.2
py38 run-test-pre: PYTHONHASHSEED='3317259345'
py38 run-test: commands[0] | coverage run --branch --source doozerlib -m unittest discover -t . -s tests/
..............................................................................................................................s.s....................................s.s...s.s.s..s.s.s.............................................................................
----------------------------------------------------------------------
Ran 250 tests in 1.895s

OK (skipped=10)
py38 run-test: commands[1] | flake8
py38 run-test: commands[2] | coverage report
Name                                          Stmts   Miss Branch BrPart  Cover
-------------------------------------------------------------------------------
doozerlib/__init__.py                            12      7      2      1    43%
doozerlib/_version.py                             2      2      0      0     0%
doozerlib/assembly.py                           163     32     91     11    76%
doozerlib/assembly_inspector.py                 178    159    100      0     7%
doozerlib/assertion.py                           13      0      6      0   100%
doozerlib/brew.py                               366    206    152      4    40%
doozerlib/build_status_detector.py               85     10     54      3    86%
doozerlib/cli/__init__.py                       122     64     28      0    39%
doozerlib/cli/__main__.py                      1132   1132    452      0     0%
doozerlib/cli/cli_opts.py                        20      3      8      0    89%
doozerlib/cli/config_plashet.py                 535    535    246      0     0%
doozerlib/cli/detect_embargo.py                 167     35     70      8    75%
doozerlib/cli/get_nightlies.py                  230     59    127      3    71%
doozerlib/cli/images_health.py                   82     30     26      2    59%
doozerlib/cli/images_streams.py                 687    687    296      0     0%
doozerlib/cli/inspect_stream.py                  66     66     28      0     0%
doozerlib/cli/release_calc_upgrade_tests.py      24     24      6      0     0%
doozerlib/cli/release_gen_assembly.py           262    146    112      1    39%
doozerlib/cli/release_gen_payload.py            695    260    294     19    58%
doozerlib/cli/rpms_build.py                     165     59     58      8    57%
doozerlib/cli/scan_sources.py                   182    141    100      2    17%
doozerlib/config.py                              97     97     44      0     0%
doozerlib/constants.py                           11      0      0      0   100%
doozerlib/coverity.py                           255    225     82      0     9%
doozerlib/dblib.py                              263    160     68      4    35%
doozerlib/distgit.py                           1540    989    746     40    33%
doozerlib/dotconfig.py                           54     43     31      0    13%
doozerlib/exceptions.py                           2      0      0      0   100%
doozerlib/exectools.py                          197    105     76     10    43%
doozerlib/gitdata.py                            171    137     76      0    14%
doozerlib/image.py                              500    328    216      6    28%
doozerlib/logutil.py                              9      0      2      1    91%
doozerlib/metadata.py                           432    151    184     30    61%
doozerlib/model.py                              113     21     36      2    82%
doozerlib/olm/__init__.py                         0      0      0      0   100%
doozerlib/olm/bundle.py                         315    230     72      0    22%
doozerlib/osbs2_builder.py                      119     30     44     19    67%
doozerlib/plashet.py                            134      9     90     15    89%
doozerlib/pushd.py                               22      2      2      0    92%
doozerlib/release_schedule.py                    28     17      8      0    31%
doozerlib/repos.py                              209    105    113     17    44%
doozerlib/rhcos.py                              202     41     68     12    75%
doozerlib/rpm_builder.py                        225     28    119     31    82%
doozerlib/rpm_utils.py                          134     33     90     11    74%
doozerlib/rpmcfg.py                             151     61     64      8    55%
doozerlib/runtime.py                            950    692    376      8    21%
doozerlib/source_modifications.py               116     33     26      4    68%
doozerlib/state.py                               23     12      8      0    35%
doozerlib/util.py                               452    217    180     13    48%
-------------------------------------------------------------------------------
TOTAL                                         11912   7423   5077    293    35%
___________________________________ summary ____________________________________
  py38: commands succeeded
  congratulations :)

@locriandev locriandev mentioned this pull request Apr 6, 2023
Merged
@vfreex vfreex merged commit 1081139 into openshift-eng:master Apr 7, 2023
1 check failed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@locriandev locriandev locriandev approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@vfreex @openshift-bot @locriandev