Skip to content

Commit

Permalink
add allowedArchitectures function to filter out unsupported architect…
Browse files Browse the repository at this point in the history
…ures in manifeslist processing

Signed-off-by: Adam D. Cornett <adc@redhat.com>
  • Loading branch information
acornett21 committed Mar 4, 2024
1 parent 7812660 commit f19c2a2
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 2 deletions.
14 changes: 13 additions & 1 deletion cmd/preflight/cmd/check_container.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"os"
"path/filepath"
rt "runtime"
"slices"
"strings"

"github.com/redhat-openshift-ecosystem/openshift-preflight/artifacts"
Expand Down Expand Up @@ -423,7 +424,8 @@ func platformsToBeProcessed(cmd *cobra.Command, cfg *runtime.Config) ([]string,
}

// Preflight was given a manifest list. --platform was not specified.
// Therefore, all platforms in the manifest list should be processed.
// Therefore, all platforms in the manifest list that we support
// for certification ie: {"arm64", "amd64", "ppc64le", "s390x"}, should be processed.
// Create a new slice since the original was for a single platform.
containerImagePlatforms = make([]string, 0, len(manifest.Manifests))
for _, img := range manifest.Manifests {
Expand All @@ -435,6 +437,10 @@ func platformsToBeProcessed(cmd *cobra.Command, cfg *runtime.Config) ([]string,
// This must be an attestation manifest. Skip it.
continue
}
if !slices.Contains(allowedArchitectures(), img.Platform.Architecture) {
// The user has a architecture type in the manifest list that we do not support.
continue
}
containerImagePlatforms = append(containerImagePlatforms, img.Platform.Architecture)
}
if platformChanged && len(containerImagePlatforms) == 0 {
Expand All @@ -444,3 +450,9 @@ func platformsToBeProcessed(cmd *cobra.Command, cfg *runtime.Config) ([]string,

return containerImagePlatforms, nil
}

// allowedArchitectures returns a list of container architectures that are supported for certification.
// Only supported architectures are "arm64", "amd64", "ppc64le", "s390x".
func allowedArchitectures() []string {
return []string{"arm64", "amd64", "ppc64le", "s390x"}
}
2 changes: 1 addition & 1 deletion cmd/preflight/cmd/check_container_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ var _ = Describe("Check Container Command", func() {
manifestListSrc = fmt.Sprintf("%s/test/cranelist", u.Host)
manifests["index"] = manifestListSrc

platforms := [4]string{"amd64", "arm64", "ppc64le", "s390x"}
platforms := [5]string{"amd64", "arm64", "ppc64le", "s390x", "arm"}
lst, err := random.Index(1024, 5, int64(len(platforms)+1))
Expect(err).ToNot(HaveOccurred())

Expand Down

0 comments on commit f19c2a2

Please sign in to comment.