diff --git a/python-operator-courier.spec b/python-operator-courier.spec index c5a338d..f83fafb 100644 --- a/python-operator-courier.spec +++ b/python-operator-courier.spec @@ -1,6 +1,6 @@ Name: python-operator-courier -Version: 2.1.7 -Release: 4%{?dist} +Version: 2.1.8 +Release: 1%{?dist} Summary: Library and CLI tool to build, verify and push operator metadata License: ASL 2.0 @@ -32,6 +32,9 @@ BuildRequires: python3-PyYAML BuildRequires: python3-pytest BuildRequires: python3-pytest-runner +# Patches +# https://github.com/operator-framework/operator-courier/pull/189 +Patch0001: validate-crd-spec-versions.patch %description -n python3-operator-courier The operator courier library is used to build, validate and @@ -62,6 +65,9 @@ push Operator Artifacts to quay.io application registries. %changelog +* Thu Jul 16 2020 Jakub Hrozek - 2.1.8-1 +- update to upstream version 2.1.8 + * Tue May 26 2020 Miro HronĨok - 2.1.7-4 - Rebuilt for Python 3.9 diff --git a/validate-crd-spec-versions.patch b/validate-crd-spec-versions.patch new file mode 100644 index 0000000..85613b6 --- /dev/null +++ b/validate-crd-spec-versions.patch @@ -0,0 +1,132 @@ +From 6183101985e7c3c83c13aa5c7eb7545bccc8953b Mon Sep 17 00:00:00 2001 +From: Simone Tiraboschi +Date: Mon, 13 Jul 2020 23:31:05 +0200 +Subject: [PATCH] Correctly validate crd.spec.versions + +crd.spec.version got deprecated for crd.spec.versions +but in this case we are going to access a list of +dictionaries where the relevant value +is in the name field. + +Fix all the validations on spec.versions and add +additional validations. + +Fix also its test. + +Signed-off-by: Simone Tiraboschi stirabos@redhat.com +Fixes: #188 +--- + operatorcourier/validate.py | 56 +++++++++++++++++-- + .../crdversions.invalid.bundle.yaml | 4 +- + .../crdversions.valid.bundle.yaml | 8 ++- + 3 files changed, 59 insertions(+), 9 deletions(-) + +diff --git a/operatorcourier/validate.py b/operatorcourier/validate.py +index 2a4a4fa..9644aa7 100644 +--- a/operatorcourier/validate.py ++++ b/operatorcourier/validate.py +@@ -156,11 +156,52 @@ def _crd_validation(self, bundle): + if "group" not in crd['spec']: + self._log_error("crd spec.group not defined.") + valid = False +- if "versions" not in crd['spec']: +- if "version" not in crd['spec']: +- self._log_error("crd spec.version or spec.versions not defined") ++ if ( ++ "versions" not in crd['spec'] and ++ "version" not in crd['spec'] ++ ): ++ self._log_error( ++ "crd spec.version or spec.versions not defined." ++ ) ++ valid = False ++ if "versions" in crd['spec']: ++ if not len(crd['spec']['versions']) > 0: ++ self._log_error("crd spec.versions is empty.") + valid = False +- ++ else: ++ for ver in crd['spec']['versions']: ++ if ( ++ "name" not in ver or ++ "served" not in ver or ++ "storage" not in ver ++ ): ++ self._log_error( ++ "crd spec.versions contains an invalid " ++ "CustomResourceDefinitionVersion." ++ ) ++ valid = False ++ if "version" in crd['spec']: ++ if ( ++ "name" in crd['spec']['version'][0] and ++ crd['spec']['version'][0]['name'] != ++ crd['spec']['version'] ++ ): ++ self._log_error( ++ "crd spec.version and spec.versions are " ++ "defined but spec.versions[0].name " ++ "doesn't match spec.version." ++ ) ++ valid = False ++ storage_version_list = [ ++ v for v in crd['spec']['versions'] ++ if "storage" in v and v['storage'] is True ++ ] ++ if len(storage_version_list) != 1: ++ self._log_error( ++ "crd spec.version should contain exactly " ++ "one version flagged as storage version." ++ ) ++ valid = False + return valid + + def _csv_validation(self, bundle): +@@ -273,8 +314,11 @@ def _csv_spec_validation(self, spec, bundleData): + if 'version' in csvOwnedCrd: + if 'spec' in crd: + if 'versions' in crd['spec']: +- if csvOwnedCrd['version'] not in crd['spec']['versions']: +- self._log_error('CSV.spec.crd.owned.version is' ++ if csvOwnedCrd['version'] not in [ ++ v['name'] for v in crd['spec']['versions'] ++ if 'name' in v ++ ]: ++ self._log_error('CSV.spec.crd.owned.version is ' + 'not in CRD.spec.versions list') + valid = False + if 'version' in crd['spec']: +diff --git a/tests/test_files/bundles/verification/crdversions.invalid.bundle.yaml b/tests/test_files/bundles/verification/crdversions.invalid.bundle.yaml +index 1512e96..63bce44 100644 +--- a/tests/test_files/bundles/verification/crdversions.invalid.bundle.yaml ++++ b/tests/test_files/bundles/verification/crdversions.invalid.bundle.yaml +@@ -263,7 +263,9 @@ data: + - packages + type: object + versions: +- - v1beta1 ++ - name: v1beta1 ++ served: true ++ storage: true + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: +diff --git a/tests/test_files/bundles/verification/crdversions.valid.bundle.yaml b/tests/test_files/bundles/verification/crdversions.valid.bundle.yaml +index 92f4c7a..311fa8f 100644 +--- a/tests/test_files/bundles/verification/crdversions.valid.bundle.yaml ++++ b/tests/test_files/bundles/verification/crdversions.valid.bundle.yaml +@@ -263,8 +263,12 @@ data: + - packages + type: object + versions: +- - v1alpha1 +- - v1beta1 ++ - name: v1beta1 ++ served: true ++ storage: true ++ - name: v1alpha1 ++ served: true ++ storage: false + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: