Adding support for hardcoded redhat registry (registry.redhat.io) (#50)

edcdavid · web-flow · commit 4f02579fb56b · 2023-06-22T09:53:52.000-05:00
* Adding support for hardcoded redhat registry (registry.redhat.io)

* doc update
diff --git a/Makefile b/Makefile
@@ -57,7 +57,7 @@ coverage-html: test
 	go tool cover -html cover.out
 
 update-certified-catalog:
-	./tnf fetch --operator --container --helm
+	./oct fetch --operator --container --helm
 
 # Update source dependencies and fix versions
 update-deps:
diff --git a/README.md b/README.md
@@ -7,7 +7,9 @@ This is a Work in Progress PoC/demo project, not a complete/GA nor a ready to us
 # Motivation
 ## Completely disconnected environments issue
 
-Tipically, partners run the TNF container in a "bastion" host or whatever Linux machine with access to the OCP nodes. In case that machine does not have internet access for security or any other reasons, TNF will run in a fully/completely disconnected environment. That's not a problem for TNF, except for one test suite: `affiliated-certification`. The test cases on that test suite will check the certification status of the CNF's containers, operators and/or helm charts releases. To do so, it relies on two mechanisms: first, these test cases will try to reach the Red Hat's online catalog, which is just a regular HTTP rest service that can be accessed from anywhere, anytime. In case this service is not reachable, which will happen in a completely disconnected environment, the test case falls back to an "offline" check mechanism, which involves querying the TNF's embedded catalog. So, if the TNF release is too old, those test cases could fail, as the RH's catalog for certified artifacts is continuosly updated, with a lot of new entries being added, modified or removed every day.
+Typically, partners run the TNF container in a "bastion" host or whatever Linux machine with access to the OCP nodes. In case that machine does not have internet access for security or any other reasons, TNF will run in a fully/completely disconnected environment. That's not a problem for TNF, except for one test suite: `affiliated-certification`. The test cases on that test suite will check the certification status of the CNF's containers, operators and/or helm charts releases. To do so, it relies on two mechanisms: first, these test cases will try to reach the Red Hat's online catalog, which is just a regular HTTP rest service that can be accessed from anywhere, anytime. In case this service is not reachable, which will happen in a completely disconnected environment, the test case falls back to an "offline" check mechanism, which involves querying the TNF's embedded catalog. So, if the TNF release is too old, those test cases could fail, as the RH's catalog for certified artifacts is continuously updated, with a lot of new entries being added, modified or removed every day.
+
+Note: Only partner certified images are stored in the offline database. If Redhat images are checked against the offline database, they will show up as not certified. The online database includes both Partner and Redhat images.
 
 If a partner is using the latest official TNF release, let's say v4.1, it will come with an embedded offline catalog that was downloaded and embedded at the same moment the v4.1 version was released. For each day that passes, that offline catalog will be more and more outdated, but the partners will be using that v4.1 until v4.2 comes out, which could take months. If they upgrade their CNFs with new operators/containers that have been added recently to the online catalog, the TNF certification test cases will fail.
 
diff --git a/certdb/offlinecheck/container.go b/certdb/offlinecheck/container.go
@@ -43,8 +43,7 @@ type ContainerCatalogEntry struct {
 	ID                string       `json:"_id"`
 	Architecture      string       `json:"architecture"`
 	Certified         bool         `json:"certified"`
-	DockerImageDigest string       `json:"docker_image_digest"`
-	DockerImageID     string       `json:"docker_image_id"` // image digest
+	DockerImageDigest string       `json:"image_id"`
 	Repositories      []Repository `json:"repositories"`
 }
 type ContainerPageCatalog struct {
diff --git a/cmd/tnf/fetch/fetch.go b/cmd/tnf/fetch/fetch.go
@@ -16,7 +16,7 @@ import (
 
 var (
 	// containersCatalogSizeURL = "https://catalog.redhat.com/api/containers/v1/images?filter=certified==true&page=0&include=total,page_size"
-	containersCatalogPageURL = "https://catalog.redhat.com/api/containers/v1/images?filter=certified==true&page_size=%d&page=%d&include=data.repositories,data.docker_image_digest,data.architecture"
+	containersCatalogPageURL = "https://catalog.redhat.com/api/containers/v1/images?filter=certified==true&page_size=%d&page=%d&include=data.repositories,data.image_id,data.architecture"
 	operatorsCatalogSizeURL  = "https://catalog.redhat.com/api/containers/v1/operators/bundles?filter=organization==certified-operators"
 	operatorsCatalogPageURL  = "https://catalog.redhat.com/api/containers/v1/operators/bundles?filter=organization==certified-operators&page_size=%d&page=%d"
 	helmCatalogURL           = "https://charts.openshift.io/index.yaml"
