Test and use rules to components mapping #10638
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
jan-cerny
added
enhancement
|
I have rebased this PR on the top of the latest upstream master branch. |
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
Code Climate has analyzed commit f2c8236 and detected 3 issues on this pull request. Here's the issue category breakdown:
The test coverage on the diff in this pull request is 66.6% (50% is the threshold). This pull request will bring the total coverage in the repository to 53.0% (0.2% change). View more on Code Climate. |
ssg/build_yaml.py
Outdated
| self.rule_to_component = self._load_components(components_dir) | ||
|
|
||
| def benchmark_has_component_mapping(self): | ||
| return ("linux_os/guide" in self.env_yaml["benchmark_root"]) |
There was a problem hiding this comment.
How would applications like OpenShift use components?
There was a problem hiding this comment.
Good point! We have components only for the Linux products so far. I will investigate how I can extend them to other products as well.
If a rule isn't part of any component, the build will fail. The enforcement will be efficient for the `linux_os` benchmark.
Also introduces a `ssg.components` module to the project which can be used later in other tools and build system to work with component files data. This commit adds a simple test case `test_components.py` which tests that - components don't map to rules that don't exist - all rules are mapped to at least 1 component - the rule is assigned to component according to templates or template parameters
This test checks if a rule is mapped to component if it uses a package platform or other platforms that can be easily used to determine to which component the rule should belong to.
|
@jan-cerny: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This commit extracts method `__process_rule` to reduce the code complexity of the original method, as suggested by CodeClimate.
This aims to address the CodeClimate code complexity problem in the `main()`.
CodeClimate emits a warning if there is too many return statements in a single function.
This change reduces code duplication.
Products can decide to use components or they can define their own set of components. Products specify a path to the directory with component files by the `components_root` key in the `product.yml`. This allows products like OCP to use components.
Extract function get_rule_to_components_mapping and move it to the ssg.components module in order to simplify the BuildLoader class.
|
This PR has been replaced by #10693 because of the inability of canceling the automatically requested reviews. |
Mab879
removed
the
Highlight
Description:
This PR is a follow up on PR #10609 and has been initially created by extracting some commits from there.
The PR introduces a new module
ssg.componentswhich is a basis for future use of the component data in our project. A simple unit test for this module is added as well.The PR introduces the test that performs some basic checks that will help keep the component data consistent. This test tests the following facts:
package_installed,package_removed,service_enabledpackageplatform.The PR enforces component assignment for all rules in the
linux_os/guidebenchmark. That will prevent people from introducing a new rule without mapping it to a component.For more details, please read the commit messages of every commit.
Rationale:
These changes will ensure the component data consistency. Mandatory component assignment will help content authors think about component outreach of new rules. The tests will help people assign the new rules to correct components.
Review Hints:
Remove some rules from some component, eg. remove the rule
package_fapolicyd_installedfromcomponents/fapolicyd.ymland runctest --verbose -R componentsto see how the test reacts. Also, try to build the content to see an error.