fix redhat api changes for bundle release (#719)

freeznet · web-flow · commit da3c208f70c6 · 2024-01-23T15:54:34.000+08:00
diff --git a/hack/publish-rhel.sh b/hack/publish-rhel.sh
@@ -34,7 +34,7 @@ get_image()
     fi
 
     local FILTER="filter=deleted==false;${PUBLISHED_FILTER}"
-    local INCLUDE="include=total,data.repositories.tags.name,data.scan_status,data._id"
+    local INCLUDE="include=total,data.repositories.tags.name,data.certified,data.container_grades,data._id"
 
     local RESPONSE=$( \
         curl --silent \
@@ -62,13 +62,14 @@ wait_for_container_scan()
     # Wait until the image is scanned
     for i in `seq 1 ${NOF_RETRIES}`; do
         local IMAGE=$(get_image not_published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
-        local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].scan_status')
+        local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].container_grades.status')
+        local IMAGE_CERTIFIED=$(echo "$IMAGE" | jq -r '.data[0].certified')
 
         if [[ $SCAN_STATUS == "in progress" ]]; then
             echo "Scanning in progress, waiting..."
         elif [[ $SCAN_STATUS == "null" ]];  then
             echo "Image is still not present in the registry!"
-        elif [[ $SCAN_STATUS == "passed" ]]; then
+        elif [[ $SCAN_STATUS == "completed" && "$IMAGE_CERTIFIED" == "true" ]]; then
             echo "Scan passed!" ; return 0
         else
             echo "Scan failed!" ; return 1
@@ -94,9 +95,10 @@ publish_the_image()
     local IMAGE=$(get_image not_published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
     local IMAGE_EXISTS=$(echo $IMAGE | jq -r '.total')
     if [[ $IMAGE_EXISTS == "1" ]]; then
-        local SCAN_STATUS=$(echo $IMAGE | jq -r '.data[0].scan_status')
-        if [[ $SCAN_STATUS != "passed" ]]; then
-            echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\""
+        local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].container_grades.status')
+        local IMAGE_CERTIFIED=$(echo "$IMAGE" | jq -r '.data[0].certified')
+        if [[ $SCAN_STATUS != "completed" ||  "$IMAGE_CERTIFIED" != "true" ]]; then
+            echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\" and certified is \"${IMAGE_CERTIFIED}\""
             return 1
         fi
     else
@@ -137,14 +139,8 @@ sync_tags()
 
     local IMAGE=$(get_image published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
     local IMAGE_EXISTS=$(echo $IMAGE | jq -r '.total')
-    if [[ $IMAGE_EXISTS != "0" ]]; then
-        local SCAN_STATUS=$(echo $IMAGE | jq -r '.data[0].scan_status')
-        if [[ $SCAN_STATUS != "passed" ]]; then
-            echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\""
-            return 1
-        fi
-    else
-        echo "Image you are trying to publish does not exist."
+    if [[ $IMAGE_EXISTS == "0" ]]; then
+        echo "Image you are trying to sync does not exist."
         return 1
     fi
 
