Skip to content

Commit fb5b60f

Browse files
ramperherramperher
committed
certsuite | update backwards compatibility till v5.5.0
1 parent 2d12927 commit fb5b60f

File tree

4 files changed

+5
-17
lines changed

4 files changed

+5
-17
lines changed

roles/k8s_best_practices_certsuite/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ Before executing the certsuite, it's important to label the pods to test using t
99
Name | Default | Description
1010
--------------------------------------- |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------
1111
kbpc_check_commit_sha | false | Flag that allows to check if the certsuite image used is based on the same commit SHA than the repository cloned in this role.
12-
kbpc_version | See [default vars file](defaults/main.yml) for the latest version supported by the agent | Certsuite downloaded version. The role supports from v5.3.3 till the latest stable version. HEAD version (in the main branch) can be also used, but it is not guaranteed a complete compatibility with the latest unstable changes.
12+
kbpc_version | See [default vars file](defaults/main.yml) for the latest version supported by the agent | Certsuite downloaded version. The role supports from v5.5.0 till the latest stable version. HEAD version (in the main branch) can be also used, but it is not guaranteed a complete compatibility with the latest unstable changes.
1313
kbpc_repo_org_name | redhat-best-practices-for-k8s | Repository organization.
1414
kbpc_project_name | certsuite | Project name. Also, directory name to look at on the certsuite repo.
1515
kbpc_repository | "https://github.com/{{ kbpc_repo_org_name }}/{{ kbpc_project_name }}" | Repository to download the certsuite code.

roles/k8s_best_practices_certsuite/tasks/pre-run.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,12 +6,12 @@
66
- kbpc_kubeconfig|length
77
fail_msg: "kubeconfig is required to run certsuite"
88

9-
- name: Fail if certsuite version is lower than v5.3.3
9+
- name: Fail if certsuite version is lower than v5.5.0
1010
when:
11-
- kbpc_version is version("v5.3.3", "<")
11+
- kbpc_version is version("v5.5.0", "<")
1212
- kbpc_version != "HEAD"
1313
ansible.builtin.fail:
14-
msg: "This role is not compatible with certsuite version < v5.3.3"
14+
msg: "This role is not compatible with certsuite version < v5.5.0"
1515

1616
# Just do this in case preflight test suite is used. This happens if using
1717
# preflight label. This check is included as a warning for users in case of not

roles/k8s_best_practices_certsuite/tasks/tests.yml

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,6 @@
1212
mode: '0755'
1313

1414
- name: Tasks related to Certsuite submission through CWE Hydra API
15-
when: kbpc_version is version('v5.4.2', '>=') or kbpc_version == 'HEAD'
1615
block:
1716
- name: Verify if the CWE Hydra API key file exists
1817
ansible.builtin.stat:
@@ -58,7 +57,7 @@
5857
--preflight-dockerconfig=/usr/certsuite/config/config.json \
5958
--allow-preflight-insecure={{ kbpc_allow_preflight_insecure }} \
6059
{% endif %}
61-
{% if (kbpc_version is version('v5.4.3', '>=') or kbpc_version == 'HEAD') and kbpc_cwe_apikey is defined and kbpc_cwe_project_id is defined %}
60+
{% if kbpc_cwe_apikey is defined and kbpc_cwe_project_id is defined %}
6261
--connect-api-key={{ kbpc_cwe_apikey }} \
6362
--connect-project-id={{ kbpc_cwe_project_id }} \
6463
{% endif %}
@@ -68,11 +67,7 @@
6867
--kubeconfig=/usr/certsuite/config/kubeconfig \
6968
--certsuite-probe-image={{ kbpc_partner_repo }}/{{ kbpc_support_image }} \
7069
--create-xml-junit-file={{ kbpc_enable_xml_creation }} \
71-
{% if kbpc_version is version('v5.5.0', '>=') or kbpc_version == 'HEAD' %}
7270
--intrusive={{ kbpc_intrusive }} \
73-
{% else %}
74-
--non-intrusive={{ kbpc_non_intrusive_only }} \
75-
{% endif %}
7671
--log-level={{ kbpc_log_level }} \
7772
--include-web-files=true
7873
ansible.builtin.shell: |

roles/k8s_best_practices_certsuite/templates/certsuite_config.yml.j2

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -50,19 +50,12 @@ servicesignorelist:
5050
- {{ item }}
5151
{% endfor %}
5252

53-
{% if kbpc_version is version('v5.4.2', '>=') or kbpc_version == 'HEAD' %}
5453
connectAPIConfig:
5554
baseURL: "https://access.redhat.com/hydra/cwe/rest/v1.0"
56-
{% if kbpc_version is version('v5.4.2', '==') and kbpc_cwe_apikey is defined and kbpc_cwe_project_id is defined %}
57-
apiKey: {{ kbpc_cwe_apikey }}
58-
projectID: {{ kbpc_cwe_project_id }}
59-
{% else %}
6055
apiKey: ""
6156
projectID: ""
62-
{% endif %}
6357
proxyURL: ""
6458
proxyPort: ""
65-
{% endif %}
6659

6760
## collector DB
6861
{% if kbpc_partner_name|length == 0 %}#{% endif %}partnerName: {{ kbpc_partner_name }}

0 commit comments

Comments
 (0)